IT Security Officer

Work Location: 80 Toh Guan Rd E Waterhub S (608575)

• System Security and Compliance (CIS Benchmarks)
• Planning and scheduling annual reviews of security hardening documents.
• Performing compliance reviews and ensuring remediation of findings.
• Technical Support and Governance: providing vulnerability monitoring, recommending and implementing mitigation actions.
• Managing and responding to security alerts.
• Monitoring phishing alerts and communicating with staff regarding malicious emails.
• Supporting audit activities, vulnerability scans, and penetration tests.
• Communicating and following SOP to perform malware scans on endpoints with anti‑virus alerts.
• Co‑ordinating with cloud security engineers to review findings from CSPM tools such as Cloudscape.
• Tracking status of remediation efforts and ensuring accountability.
• Producing monthly reports and coordinating IT security awareness training.

The team will conduct security reviews, system hardening checks, and risk assessments based on deviations to hardening requirements (e.g., CIS Benchmarks). They will also create PUB hardening baselines and maintain a tracking system to monitor remediation status. The ITSO will work with system managers and infrastructure teams to resolve findings from cloud security posture management tools and ensure suppression expiry. Monthly reports will be summarized and presented to the Board’s Cybersecurity team, and the ITSO will coordinate monthly security awareness training and briefings.

• Cloud Security
• Security alerts & incident handling
• Security audit handling
• Security vulnerability management and mitigations
• At least 2 years of experience in cloud cybersecurity, including security assessment, vulnerability management within cloud and on‑premises environments, particularly GCC.
• Familiarity with security platforms such as Azure Log Analytics, AWS CloudWatch, AWS Security Hub CSPM, and Microsoft Defender for Cloud.

Working Hours: Monday to Friday, 8.30 am to 6 pm.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Internationally recognised security certifications such as CISSP, CISM, CRISC, or CISA.
• Strong analytical and problem‑solving skills.
• Excellent communication skills in spoken and written English.

Strong collaborative skills to ensure coordination between specialised roles and maintain comprehensive security coverage.