IT Security Officer (ITSO) - (Public Sector)

At Xtremax, this role supports government partner agencies in strengthening the resilience of government IT infrastructure. As an IT Security Officer (ITSO), you will be responsible for safeguarding mission‑critical systems, managing security risks, and ensuring compliance with industry standards and policies. This role involves proactive monitoring, incident management, governance, and collaboration with multiple stakeholders to protect government digital assets against evolving cyber threats. Candidates with public sector experience are preferred, as this role supports IT projects for government agencies.

• Develop and maintain IT security policies and action plans, reviewing them regularly to meet compliance requirements.
• Evaluate and recommend IT security products and solutions for adoption within the Customer’s IT infrastructure.
• Implement and manage risk assessment methodologies to ensure adherence to service management standards.
• Develop and enforce security management frameworks and governance structures.
• Perform additional activities necessary to secure the Customer’s IT infrastructure.

• Establish and manage IT Security Incident Management processes, including detection, response, and handling of incidents.
• Collaborate with external partners and suppliers for effective resolution of security incidents.
• Participate in industry‑wide IT security incident simulations and technical assessment exercises.
• Conduct forensic investigations, including secure disk imaging and analysis, when required.
• Monitor, analyse, and report on emerging security threats, vulnerabilities, and recommended mitigations.

• Conduct regular meetings with key stakeholders to highlight security issues and recommend improvements.
• Liaise with external suppliers, security organisations, and government stakeholders on IT security matters.

• Review and follow up on security reports generated from centralised tools, providing timely updates to the Customer.
• Manage IT asset inventory to ensure all servers, networks, and databases are onboarded and compliant with central security tools.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Must have 2–5 years of relevant experience.
• Proven experience in IT security, with strong focus on infrastructure security.
• In‑depth understanding of information security principles, best practices, and regulatory requirements.
• Hands‑on experience with security tools and technologies.
• Familiarity with forensic investigation techniques and tools.
• Strong analytical and problem‑solving skills.
• Excellent communication skills, both written and verbal.
• Ability to work independently and collaboratively in a team setting.
• Experience liaising with external partners and suppliers on security matters.

• Experience with Singapore Government Project will be advantageous.

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• GIAC Certified Incident Handler (GCIH)
• CompTIA Cybersecurity Analyst (CySA+)