Senior Cybersecurity Consultant
IT Security Manager plans, manages and implements programmes to protect the University from cyber security threats. He/she is responsible for designing, coordinating and delivering IT security-related activities in the organisation.
- Formulate and implement Information Security Policies, standards, best practices for effective IT security, risk and compliance controls across the University;
- Educate, demonstrate and create awareness to staff and students on the security and data protection arenas;
- Evaluate, recommend and procure security solutions, products and services to defend against malicious activities and cyber-attacks;
- Respond timely to security incidents and conduct investigation and recommend the appropriate follow up actions including containment, recovery and preventive actions;
- Work with internal and external auditors in planning and conducting security audits;
- Perform audit log reviews and assessments to detect security breaches and anomalies;
- Ensure cyber security compliance in accordance to MOE security posture for Institutes of Higher Learning (IHLs);
- Keep abreast of the latest industry security practices and technologies as well as emerging threats and vulnerabilities so as to recommend appropriate controls to improve the University security posture;
- Participate in University-wide events.
- Degree in Computer Science, Computer or Information Technology;
- Minimum 5 Years of relevant working experience;
- Good knowledge of information security principles, technologies, governance, compliance as well as International security standards (e.g. ISO 27001, NIST, etc.);
- Experience in implementing security audits, controls and mitigating measures for enterprise IT infrastructure and applications;
- Familiar with implementation, operations, administration and maintenance of various enterprise security solutions, including Security Information and Event Management (SIEM) system, endpoint security, monitoring and analytics tools, firewall and Intrusion Prevention System (IPS);
- Experience in incident handling and response;
- Positive attitude with keen interest in exploring the areas of IT security;
- Good interpersonal verbal and writing skills;
- Professional certifications such as CISSP, CISM, CISA, CRISC, CCISO or CEH would be advantageous.