SENIOR/LEAD SECURITY CONSULTANT

SENIOR/LEAD SECURITY CONSULTANT

Job Category: Information Technology
Job Type: Permanent
Job Location: Singapore

We are assisting our client, an established IT Solutions Provider providing digital transformation solutions to enterprises, to hire a Senior/Lead Security Consultant.

Responsibilities:

  • Conduct gap analysis of existing on-prem data center and cloud infrastructures, identifying and assessing gaps in the overall security posture.
  • Conduct comprehensive risk assessments to identify and mitigate security risks associated with information systems and processes.
  • Lead and coordinate system security acceptance testing to ensure that all security requirements are met before systems are deployed.
  • Collaborate with development and engineering teams to integrate security-by-design principles into the SDLC.
  • Develop and maintain security policies, standards, and guidelines to ensure compliance with industry standards and regulatory requirements.
  • Provide expert advice on security architecture and design, ensuring robust protection mechanisms are implemented.
  • Manage vulnerability assessments and penetration testing to identify and address security weaknesses.
  • Develop and deliver security training and awareness programs for employees and stakeholders.
  • Stay current with emerging security threats, technologies, and trends, and provide recommendations for continuous improvement.
  • Assist in the development and implementation of incident response plans and participate in security incident investigations as needed.
  • Prepare detailed reports and documentation for management, highlighting security risks, mitigation strategies, and compliance status.

Requirements:

  • 5 years of experience in information security, with a focus on risk assessment, system security acceptance testing, and security-by-design.
  • Professional certifications such as CISSP, CISM, or equivalent.
  • In-depth knowledge of security frameworks and standards such as ISO 27001, NIST, CIS Controls, and Cybersecurity Act of 2018.
  • Strong understanding of risk management methodologies and the ability to perform comprehensive risk assessments.
  • Proven experience in system security acceptance testing and validating security controls.
  • Expertise in integrating security-by-design principles into the SDLC.
  • Familiarity with security tools and technologies such as SIEM, IDS/IPS, Firewalls, Endpoint Protection, and Wazuh.
  • Strong in technological architectures (infrastructure/application), both in on-premises data centers and cloud infrastructures.
  • Excellent communication and interpersonal skills, with the ability to explain complex security concepts to non-technical stakeholders.
  • Strong analytical and problem-solving skills, with attention to detail.
  • Ability to work independently and as part of a team in a fast-paced environment.
  • Experience with cloud security and working with cloud service providers such as AWS, Azure, or Google Cloud.

Apply for this position

Allowed Type(s): .pdf, .doc, .docx