Manager / Senior Manager (Cybersecurity)

•    Design, develop, implement, and manage security measures to protect systems, networks, and data.
•    Conduct security assessments to identify vulnerabilities and risks.
•    Analyse and provide recommendations to mitigate vulnerabilities and risks.
•    Ensure security baselining is performed to establish a secure configuration baseline for systems and applications.
•    Develop and maintain security policies and procedures.
•    Ensure compliance with regulatory requirements and industry standards.
•    Provide consultations for security-related matters to stakeholders.
•    Respond promptly to security incidents and involve in post-event analysis.
•    Stay current with industry trends and emerging IRAS security threats.
•    Explore and leverage on emerging technologies (e.g. AI) to enhance security posture.
•    Collaborate with various stakeholders to ensure security strategies are aligned with business goals.

•    Preferably background in cyber security, computer science or engineering related discipline.
•    At least 5 years of work experiences in Infocomm security environment, preferably in a similar role.
•    Good knowledge of security architectures and technologies.
•    Experience with security-related solution (e.g. intrusion detection systems, firewalls, VPNs), vulnerability assessment, or risk assessment.
•    Performance-driven, full of enthusiasm, capable of working independently or as a team, have a high level of initiative and integrity.

•    Analytical, with good problem-solving skills.
•    Good writing and presentation skills.
•    Excellent communications and interpersonal skills to relate to stakeholders’ concerns.
•    Open-minded and able to challenge assumptions.
•    Willingness to learn new things and explore new technologies such as AI to enhance IRAS security posture.
•    Relevant experience or knowledge in one or more of the following areas would be advantageous:
> Knowledge on OWASP (web application) top ten vulnerabilities related to web application systems, and insecure development practices in the design, coding and publishing of software or website
>  Experience in adversarial strategies to penetrate targeted environment using methodology such as MITRE ATT&CK that simulates real world attackers
> Knowledge of processes, procedures, and methods to research, analyse and disseminate threat intelligence information
> Wide Knowledge of server technologies including commonly used web servers, database servers, cloud storage and server-to-server secured network communications
> Experience in adopting new technologies such as AI to enhance security posture or security-related operations.

We regret to inform that only short-listed candidates will be notified. All successful candidates will be offered a contract role.