Consultant, IT Security

We are looking for an experienced and dedicated professional to support and manage the IT Security systems and devices for a key client. You will be responsible for the overall governance, monitoring, compliance, risk management, and incident response of IT security systems. This role requires a strong understanding of IT service and security management best practices and standards.

• Monitor and report Service Level Agreements (SLA) and Key Performance Indicators (KPI) of in-scope systems grouped by System Family.
• Engage and coordinate with client stakeholders, operations managers, and contractors for project delivery and maintenance support.
• Proactively manage and escalate operational concerns or compliance issues and propose resolutions.
• Provide monthly reports covering system health, risks, change requests (CR), service requests (SR), and problems.
• Attend and contribute to management meetings such as Operations, Audit, and Management Reviews.
• Review reports from project teams and support them during audit, DR/BCP, and backup/recovery exercises.
• Recommend continuous improvement initiatives to enhance IT governance, work efficiency, and compliance.
• Prepare and submit annual Management Plans to the client.

• Periodically review IT asset inventory (hardware, software, network devices, endpoints) in coordination with the Asset Officer.
• Review system obsolescence and submit regular reports to the client.

• Lead the investigation and resolution of security incidents.
• Perform root cause analysis and recommend long-term solutions for recurrent incidents.

• Schedule and verify security scans and vulnerability remediation in accordance with policy.
• Conduct weekly reviews of system access and administration activities; escalate any unusual or suspicious findings.
• Track, patch, and report on vulnerabilities according to defined timelines.
• Manage and maintain security tools, including but not limited to SIEM (Splunk, ArcSight) and Endpoint Detection & Response (EDR).

• Ensure adherence to relevant compliance standards, policies, and frameworks.
• Review account and log activities regularly.
• Work with stakeholders during internal and external audits; provide required evidence and documentation.
• Prepare rectification plans for audit findings or compliance gaps; seek waivers where justifiable.
• Maintain up-to-date records and documentation for all audits and quality assurance reviews.

• Identify, assess, and manage IT security risks.
• Seek client approval for residual or accepted risks and document risk mitigation strategies.

• A Degree in Information Systems, Computer Science, Engineering, or a related discipline from a recognised institution.
• Professional certifications in at least one of the following: CISSP, CISA, CISM, CRISC, or CGEIT (mandatory).
• Minimum 5 years of hands-on experience in cybersecurity or information security practices.
• At least 10 years of overall IT experience.
• Proven experience in IT security governance, security tools administration, compliance management, and risk assessment.
• Strong understanding of frameworks, standards, and security operations best practices.
• Excellent stakeholder management and communication skills.

The company is committed to ensuring the privacy and security of your information. By submitting this form, you consent to the collection, processing, and retention of the information you provide. The data collected will be used solely for the purpose of evaluating your qualifications for the position you're applying for. Your data will be stored securely and retained for the duration necessary to fulfill our hiring process. If you are not selected for the position, your data will be kept on file for a limited period in case future opportunities arise. You have the right to access, correct, or delete your data at any time by contacting us.

This is in partnership with the Employment and Employability Institute Pte Ltd (“e2i”). e2i is the empowering network for workers and employers seeking employment and employability solutions. By applying for this role, you consent to Quesscorp Singapore’s PDPA and e2i’s PDPA