Realise your full potential with Asia's leading communications group. While we take pride in our 130-year heritage, our philosophy is to always look forward and evolve.
Today, we are a leader in cutting-edge ICT innovation and digital advances, powered by a vast network of offices in countries and territories across Asia Pacific, the Middle East, Europe and the USA.
Come be a part of our dynamic organisation as we create the infocomms landscape of the future.
Key Responsibilites : Security Advisory Management
Security Advisory Management
To manage the assessment of applicability and security risks of both regular as well as out-of-band security vulnerability notifications and other security advisories.
To review and manage the vulnerability remediation status updates
Cybersecurity Protection of the IT assets
To drive the security hardening of IT assets in accordance to approved Standards, Policy and Best Practices
Security Incident Management
To be the focal point. for the Security Incidents for Notification, Escalation, Reporting and Documentation
To track and follow-up on Security Events and Incidents and to provide management status updates
To lead and manage Security Incident Tabletop exercises
Vulnerability Scanning, Remediation & Reporting
To manage the conducting of Vulnerability Assessment or Penetration Testing and the remediation of any vulnerabilities found during such exercises
Conducting of Security Awareness Briefings
To conduct Security Awareness Trainings.
Conducting of Security Spot Checks
To drive and manage Physical Security Spot Checks.
Security Event / Alert Management
To perform investigation, impact assessment and remediation upon receipt of security events / alerts issued by Security Operations Centre and / or other sources
Security Governance & Audit-Related Activities
To drive Security Risk Assessment activities and to manage the risks identified.
To drive Audit-Related Activities such as ISO27000 Information Security Management System (ISMS).
Security Self-Assessments, Data Collation, Reporting & Meetings
To drive self-assessments and the collation of data required for reporting by the Cybersecurity Resiliency Committee, Group Risk and Chief Information Security Officer (CISO)
To collate and to provide status updates to management for out-of-band or emergency security advisories and notifications
Regular Security Reviews
To conduct Regular Security Reviews such as Log Review, Access Rights Reviews, User Recertification, etc.
Writing of Security Process & Policies
To create and / or to update Security Process & Policies that are applicable to the Department.
Job Requirements :
Diploma or higher in Computer Science, Engineering and Information Systems
5 Years in the area of security governance, audit & compliance
Certification in Security Governance-, Audit- or Compliance-related fields issued by an accredited body such as : -
ISACA CISA / CISM / CRISC
IRCA ISO27001 Lead Auditor
PCI SSC QSA
Mile2 C)ISSM / C)ISSA / C)ISRM
Excellent English written and verbal communication skills
Possess organisational capabilities and to work across departments
Good working knowledge of Security Advisories, Security Protection Devices, OS Hardening, Vulnerability Scanning, Log & Access Rights Reviews, User Recertification, Security Events and Incidents,
Let’s shape a better world through technology. Join us to lead the change.
Note to Recruitment Agencies
In sourcing for candidates for particular roles, the Singtel Group works only with a panel of selected recruitment agencies expressly engaged under written agreements.
Even then, these agencies are only activated from time to time for specific recruitment exercises for particular roles under instructions expressly issued by a member of the Singtel Talent Acquisition team.
Except under such circumstances, no agency shall source or attempt to source any candidates for the Singtel Group. The Singtel Group will not pay nor be obliged or liable to pay any recruitment fees of any kind whatsoever to any agency where candidate CVs are submitted to the Singtel Group by such agency on an unsolicited or speculative basis.
The Singtel Group reserves all rights to directly contact any candidate to which such CVs relate without any obligation or liability whatsoever to the agency concerned (including without limitation any obligation or liability to pay any recruitment fees of any kind).