The IT Security Officer (ITSO) performs security risk and compliance assessments and provides guidance, which may include technical and operational aspects of cybersecurity functions within the IT operation. Because cybersecurity governance spans various technologies, applications and processes, the consultant will be exposed to a wide variety of security items with customers and internal operations during assignments. As such, prior experience, resourcefulness and the ability to work independently are expected, and prior experience and skills will help in the work and its progress. However, assistance and guidance will be provided where needed during the course of work.
The IT Security Manager (ITSM) manages the IT Security Officer, which includes preparing, analyzing and presenting management reporting. The ITSM will need to be able to provide security-related advisory during complex risk assessments. The ITSM will be expected to cover some of the ITSO duties when the workload demands it. Because cybersecurity governance spans various technologies, applications and processes, the consultant will be exposed to a wide variety of security items with customers and internal operations during assignments. As such, prior experience, resourcefulness and the ability to work independently are expected. However, assistance and guidance will be provided where needed during the course of work.
- Establish scope of risk analysis for new technology initiatives.
- Perform cyber risk assessment activities based on risk assessment plan.
- Conduct compliance audits such as operational security compliance status reviews and security log reviews.
- Perform vulnerability assessment (VA) scans with tools such as Nessus, and understand and analyze the various types of vulnerabilities reported.
- Track remediation efforts for security and audit deficiencies. An understanding of web and system vulnerabilities is expected.
- Escalate any compliance issues to higher management.
- Provide guidance to personnel on compliance and best practices, including briefings.
- Develop documentation on methodologies and security frameworks to mitigate risk.
- Prepare security reports for operation (ITSO) and management (ITSM).
- Review security procedures, standards and exceptions.
- Support implementation of information systems and cyber security policies.
- Support the development of security policies for cyber security risk assessments and compliance audits.
- Implement IT security incident management and handle IT security incidents.
- Respond together with the IT operation to malware, intrusion alerts, and IOCs and IOAs from CERT in a timely manner.
- Perform security risk assessment and recommend appropriate controls with technical stakeholders.
- Support implementation of preventive measures against intrusion, frauds, attacks or leaks.
- Liaise with auditors to conduct external security audits.
- Will be required to explain security matters such as reports, incidents, audits and improvements to stakeholders.
- May be required to research emerging security and risk management trends, issues, and alerts.
- Will be expected to be contactable 24x7 when a critical cyber security issue arises.
- Will be expected to be seconded to a government-owned IT operation.
The ideal candidate should possess:
Please note that a matching attitude and experience with government-run operation culture are very important. If a candidate possesses the experience but lacks the certification, we will take the matching attitude and experience into consideration, but the selected candidate will be required to pass the necessary exams after employment, after a grace period.
(a) IT Security Manager:
- Minimally five (5) years of experience in IT security governance and operations; and
- Possess Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH) or equivalent certification(s).
(b) IT Security Officer:
- Minimally three (3) years of experience in IT security governance and operations; and
- Possess Systems Security Certified Practitioner (SSCP), GIAC Certified Incident Handler (GCIH) or equivalent certification(s).