IT Security Officer

We are seeking IT Security Officers (ITSOs) who will serve as IT security subject matter experts, providing comprehensive support for system managers. The team will be responsible for ensuring the security of the IT infrastructure, compliance with security policies and standards, and overseeing cyber operations across all hosting environments (On premise, GDC, GCC, GCC+ and etc).

• Conduct security reviews, system hardening checks and conduct risk assessment based on deviations to hardening requirements (e.g. CIS Benchmarks).
• The team will also create PUB hardening baselines using available benchmarks (e.g. CIS Benchmarks or those provided by the manufacturer).
• Create, review and maintain Standard Operation Procedures (SOPs), plan and schedule annual reviews of security hardening documents, and perform compliance reviews.
• Monitor phishing alerts and communicate with staff regarding malicious emails, support audit activities, vulnerability scans, and penetration tests.
• Communicate and follow SOP to perform malware scans on endpoints with anti‑virus alerts.
• The ITSO shall follow up on findings identified in CSPM and in‑house CSPM tool (Cloudscape).
• Maintain a tracking system to monitor the status of remediation efforts, documenting whether recommended actions have been completed, are in progress, or require escalation, ensuring accountability and timely resolution of security issues.
• Assess whether security recommendations are required or false alarms using the GenAI tool provided by PUB to aid assessment.
• Provide vulnerability monitoring and recommend and implement mitigation actions to system Officers‑in‑Charge and infrastructure teams.
• Provide security advice or proposals on security measures for new projects and functionalities and monitor governance compliance tools, such as Cloudscape.
• Manage and update the governance compliance tools with relevant information to suppress affected findings when approval is sought.
• Respond to auditors’ RFI on security monitoring.
• Compile monthly reports summarizing progress of tasks and flag outstanding non‑remediated issues/alerts across key security domains, presenting to the Board’s Cybersecurity team.

• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.
• Experience in IT Security for 3–9 years; overall experience not more than 20 years.
• Any internationally recognized security certifications such as CISSP, CISM, CRISC, or CISA.
• Proven experience of at least 2 years in security assessment, vulnerability management within cloud and on‑prem environments, particularly GCC.
• Familiarity with security platforms such as Azure Log Analytics, AWS CloudWatch, AWS Security Hub CSPM, and Microsoft Defender for Cloud.
• Strong analytical and problem‑solving skills necessary to resolve security related issues.

Interested candidates may apply through the application system or send an application to lv@morganmckinley.com. Shortlisted candidates will be notified.

By sending us your personal data and CV, you are deemed to consent to Morgan McKinley Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy (https://www.morganmckinley.com/sg/privacy-policy). You acknowledge that you have read, understood, and agree with the Privacy Policy.

Morgan McKinley Pte Ltd
Dinu Dinesh
EA License No: 11C5502
EAP Registration No: R22110286

• Licensing
• Remediation
• Risk Assessment
• GCC
• Azure
• Cloud Security
• Vulnerability Management
• Information Technology
• Access Control
• CCTV
• Phishing
• Annual Reviews
• Hardening
• Screening
• Audit
• CISSP

Location: Security Officer • D01 Cecil, Marina, People’s Park, Raffles Place, SG