IT Security Analyst

Job Title: IT Security Analyst

Our Client: Our client is a prestigious Asset Management Brokerage Firm providing various solutions. This individual will be responsible for supervising cyber governance and risk management. They are looking for an IT Security Analyst to join their team here in Singapore!

The Responsibilities:

* Oversee cyber governance and risk management

* Develop, manage, and implement a comprehensive security policy framework and related standards11

* Ensure security governance and compliance with industry and regulatory standards (e.g., ISO27001, NIST, MAS TRMG, MAS Outsourcing Guideline, MAS Cyber Hygiene)

* Coordinate penetration testing to meet local regulatory requirements and escalate significant security risks to appropriate forums

* Monitor the remediation status of identified vulnerabilities

* Identify and assess cyber risks, recommend, and drive cybersecurity solutions and initiatives

* Maintain user awareness of cyber threats and provide advisory services on emerging security threats and vulnerabilities

* Coordinate security awareness training programs for staff

* Serve as the primary contact for inquiries from senior management and regulatory bodies, including internal and external audits

* Ensure timely remediation and independent validation of all audit findings

* Conduct annual disaster recovery exercises with internal and external stakeholders

* Regularly assess infrastructure, systems, and applications for compliance and vulnerabilities

* Develop and implement identity and access management policies and procedures

* Monitor and audit user access activities for compliance and security

* Manage user access rights and permissions across systems and applications

* Monitor security alerts and incidents, investigate and respond to breaches, and manage incidents according to established protocols

* Maintain and update security incident response plans and playbooks

* Develop, maintain, and manage the Business Continuity Program, coordinating with all departments to create a unified business continuity plan and ensuring compliance with regulatory requirements, industry standards, and overall risk management

* Conduct thorough due diligence on third parties to ensure compliance with MAS outsourcing guidelines and operational risk management standards

The Requirements:

* Minimum of 5 years of relevant experience in information security

* Familiarity with MAS Technology Risk Management Guidelines, MAS Cyber Hygiene Notice, and MAS Outsourcing Guideline

* Strong problem-solving and analytical skills

* Experience with SIEM tools such as Splunk and vulnerability assessment tools like Tenable Nessus

* Ability to perform effectively under pressure and deliver results in a fast-paced environment

* Professional security certifications (e.g., CISSP, CISA, CEH) are advantageous

* Experience in the financial industry with a solid understanding of various business processes within securities and futures brokering would be advantageous

All shortlisted candidates will be contacted.
RGF Privacy Policy - https://www.singapore.rgf-professional.com/privacy-policy
Disclaimer: The Company complies with the Tripartite Guidelines on Fair Employment Practices (TGFEP), including the prevailing guidelines on recruitment. All qualified applicants will be considered for the position regardless of their age, race, religion, nationality, marital status, or family responsibilities. A more detailed discussion of the TGFEP is available on the Tripartite Alliance for Fair and Progressive Employment Practices (TAFEP) website at https://www.tal.sg/tafep

JO Reference: JO-240606-355882