Principal Engineer, Cybersecurity (1-Net)

This role requires the individual to develop and implement IT/Cyber security strategies, policies, and procedures to protect the organization's information assets, infrastructure, and systems. The role is expected to drive cyber security solution and initiatives to improve cyber security of the organization, and effectiveness in monitoring & responding to security incidents and risks.

• Develop and implement Cyber Security strategy, roadmap, and policies to protect the organization's digital assets, systems, and data.
• Overseeing day-to-day operations of IT and Cyber security functions such as network security, server security, application security, end point security, email security, physical access security, logical access security, etc.
• Lead, drive and manage cyber security program and initiatives, ensure constant improvement and efficiency.
• Establish and maintain cyber security controls, standards, and frameworks in accordance with industry best practices and regulatory requirements.
• Collaborate with cross-functional teams to integrate security controls into the organization's systems, applications, network and infrastructure.
• Collaborate with internal audit and compliance teams to ensure effective security controls and risk mitigation measures are in place.
• Work closely with management, department heads and interact with external auditors as required.
• Monitor and analyze cyber and IT security events and incidents, and lead incident response activities to mitigate risks and minimize impact.
• Conduct regular security assessments, vulnerability scanning, and penetration testing to identify and address security weaknesses.
• Ensure compliance with relevant laws, regulations, and industry standards related to IT/Cyber security.
• Stay abreast of the latest security threats, vulnerabilities, technologies and best practices in cybersecurity to address emerging risks.
• Develop and deliver IT/Cyber security awareness and training programs to promote a security-conscious culture within the organization.
• Prepare and present reports on IT security metrics, incidents, and trends to management and stakeholders.

• Bachelor's degree in Information Security/Cyber Security, Computer Science or IT related field of study.
• Professional security certifications in IT such as CISSP, CISM, CISA, GIAC or other equivalent are preferred.
• Good knowledge and experience with security standards and frameworks like ISO 27001, NIST Cybersecurity Framework, Center Internet Security (CIS) or CSA Cyber Trust Mark / Codes of Practice.
• Minimum 5 years of experience in Cyber security audit, compliance, risk and policies management.
• Experience in IT/Cyber security management, security operations, incident response, threat monitoring, etc.
• Experience with implementing various cybersecurity architecture and security standards / processes for Cloud and On-premises IT infrastructure.
• Hands-on experience with security monitoring, network diagnostic and network analytics (SIEM, IDS/IPS, EDR, etc) will be preferred.
• Meticulous and structured, able to deliver quality and thorough work, with an eye for details.
• Self-driven and collaborative individual with good communication and interpersonal skills.
• Good written and verbal communication and presentation skills.
• Possess analytical skills and thrive in a fast-paced dynamic working environment.
• Working location: 1-Net (East) at Chai Chee/ 1-Net (North) Woodlands.