Job Description - IT Security Officer (CDN, WAF, DDoS)
We are seeking an experienced IT Security Officer (ITSO) to manage incidents, assess vulnerabilities, ensure policy compliance, and safeguard IT and network assets. The ideal candidate will work closely with internal IT teams and external vendors to uphold cybersecurity posture and compliance requirements.
Responsibilities:
CDN, WAF &DDoS Protection (Onboarding, Security Posture and Monitoring)
Coordinate and liaise for testing of new Akamai features or security modules (App/API Protector and testing Bot Manager Premier) to align with agency’s needs.
Coordinate and liaise on lifecycle management of web properties, microservices, and APIs routed through the CDN platform.
Coordinate and liaise of periodic, proactive audits to ensure Akamai configurations remain robust against an evolving threat landscape.
Coordinate and liaise on analysis of traffic patterns and security dashboards to differentiate between normal user spikes, search engine crawlers, and malicious scanning.
Incident Response& Security Monitoring
Track, manage, and escalate cybersecurity incidents and critical security threat events as required.
Conduct information security awareness trainings to cultivate a security-conscious culture among staff.
Stay current with emerging threats, vulnerabilities, and threat intelligence related to cloud platforms.
Disseminate security advisories, threat intelligence reports, security directives, and patch recommendations promptly to the relevant stakeholders in the agencies.
Partake in tabletop exercises, security risk management activities, audits and third-party assessments to enhance incident response readiness.
Security Product Management
Perform Vulnerability Assessments (Tenable Nessus) on applications (e.g. web client/server, mobile apps), networking and computing devices (e.g. firmware, Operating System).
Monitor security events on SIEM (e.g. Splunk, Cortex, Exa beam), perform event triage and analysis.
Perform onboarding and vulnerability scanning of computing devices before connecting to the corporate network to ensure compliance with cyber hygiene standards.
Security Governance & Compliance
Conduct periodic security reviews to ensure adherence to IT Security Policies, Standards, Controls and industry best practices.
Recommend and implement security initiatives and enhancement based on findings from tabletop exercises (TTX) and audits.
Monitor and ensure compliance with secure configuration standards across network, systems and endpoint (i.e. CIS Hardening) at agencies.
Analyse Vulnerability Assessment (VA) scan results, track and report remediation status according to the stipulated timeframe.
Network, Systems and Endpoint Security
Manage, configure, and optimize security tools and platforms to ensure effective integration with network and IT infrastructure.
Manage network, system, endpoint and runtime security of on-premises and cloud environments.
Perform regular reviews of accounts for both on-premises and on cloud systems/applications.
Documentation and Reporting
Implement and update security policies, technical baselines, Standard Operating Procedures (SOPs).
Maintain documentation of security incidents, vulnerability assessments, security checklist, security controls and policies.
Prepare and deliver regular reports to update security performance metrics, incident trends, compliance status and risk mitigation efforts.
Ensure timely escalation and reporting of cybersecurity incidents to management and stakeholders.
Collaboration and Stakeholder Management
Collaborate with various IT teams (e.g. Infrastructure, Applications, Project) and external vendors to implement and maintain security controls and measures.
Provide security advisory and recommendations to support projects and system implementations.
Act as the key liaison with stakeholders (e.g. SIRO/SIRM, IT, Application Teams) and cloud service providers to align security-by-design principles, cybersecurity strategies and compliance requirements.
Requirements:
Education & Experience
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related discipline.
Minimum 3 years of experience in Security Operations.
PCCW Solutions, the IT flagship of PCCW Group, is a leading IT services company, a digital transformation and outsourcing partner of choice for clients in all industries across the Pan-Asia region. We adopt cutting-edge technologies to empower clients transform digitally, create business values and...
All Job Ads are subject to GrabJobs’s Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by GrabJobs moderation team. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.
Be the first to receive the latest Back End Developer Full-Time Jobs in Singapore.
Setup your job alert:
By activating job alerts, I agree to GrabJobs Terms & Privacy Policy. I can unsubscribe to job alerts anytime.
Skip
GrabJobs is the no1 job portal in Singapore, connecting you to thousands of jobs fast!
Find the best jobs in Singapore, apply in 1 click and get a job today!