• 7000
  • Singapore
  • Permanent, Full time
  • LMA Recruitment
  • 15 Jul 19

Cyber Security Specialist

•Provide operational support to the Cyber Security Expertise Centre. Ensuring the implementation of cyber security policies, standards and regulations, best practice guidelines, support tools and projects in line with the security policies and Express IT Security Strategy. •Ensure compliance with the Information Security Policy, and responsible for the implementation of fit for purpose cyber security defence and incident response programs globally. •Provides technical guidance, expertise, and education on Cyber Security related framework, best practices, security intelligence, methodology and reporting, and support information asset owners related to a particular cyber security threat/vulnerability assessment, identify appropriate counter measures, and timely response

Accountabilities

Customer
 

  • Support the implementation of Cyber Security Program (Cyber Security Expertise Center) in Express
  • Support processes that can be implemented in the project lifecycle of Express projects, and drive the implementation globally
  • Support Global awareness trainings and programs on Cyber Security
  • Deliver reporting to Express Information Security Committee (ISC) ensuring appropriate visibility to existing and new cyber security intelligent, threats and incidents
  • Ensures that appropriate security counter measures and plans are developed by BIT, ITS and its IT service suppliers
  • Participates in Cyber Security forum (White/Black hat), law enforcements (Interpol, EUpol, Country SIRT), Security Intelligence agencies/vendors, to ensure that approach is up to date with leading edge industry security intelligence and counter measures

 

Stakeholder 
 

  • Indirect support of Corporate Functions (Security, Compliance, Data Protection) and external customers/suppliers for cyber security related request
  • Reports on the effectiveness of Express cyber security readiness to technical asset owner with explicit focus on high risk / high impact threats/vulnerabilities/incidents and actions being taken for mitigation
  • Provides support to the Risk/Compliance/Audit function on Express cyber risk exposures
  • Deliver cyber security assessment activities with entities within Express and external suppliers/customers
  • Provides input to the design and development of management practices and solutions selected from the cyber security counter measure plan
  • Maintains an Cyber Security response & reporting plan within areas of responsibility

 

Process

Cyber Security Management

 

  • Develop & deliver Cyber Security best practices/processes/tool
  • Perform Threat and Vulnerability assessment, and control selection to identify fit-for-purpose counter measures
  • Perform application security testing (static & dynamic) and recommend resolution for risk mitigation as part of secure SDLC process
  • Proactively monitor relevant security events and trigger security incident response as appropriate
  • Develop, collect, disseminate actionable cyber threat intelligence enhance cyber security response within the organisation
  • Work with global, regional and country stakeholders to support the cyber security reviews


 

Desired Skills / Qualifications
 

  • Degree level or equivalent
  • Formal information security accreditation (e.g. CEH, CISSP, CISM, CISA,CRISC or equivalent experience)
  • 3-12 years in Information or Cyber Security role
  • 2-12 Years experiences in Vulnerability Assessment & Penetration Testing + Security
    Operations (Incident Response)
  • In depth knowledge of Cyber Security practices and methodologies
  • Strong Threat and Vulnerability Analysis
  • Good security testing techniques tools and methodologies (OSSTMM and OWASP Top 10), DevSecOps experience preferred
  • Good operations knowledge on Cyber Security incident investigation and response
  • Sound analytic and reasoning skills
  • Broad IT service / technical knowledge Network/Infrastructure/OS/Database/Application/Mobile App)
  • Good Organisational and Cultural Awareness
  • Good written and communications skills
  • Good Stakeholder management skills

 

 

Desired Skills and Experience

Security, Information Security, Network Security, Computer Security, Vulnerability Assessment, Information Security Management, Penetration Testing, Firewalls, Risk Management, IPS, Computer Forensics, CISSP, Security Audits, Linux, Analysis, Disaster Recovery, IDS, Security Architecture Design, Intrusion Detection, Python