To elevate the Group's security posture through proactive analysis and mitigation of cyber security threats and risks, especially in cloud platforms and web applications. This position plays a pivotal role in leading a team to implement security assessments, measures and processes through security engineering, penetration testing and other assessment methodologies to safeguard the environment against cyber security threats.

JOB OBJECTIVES
Build an application security and penetration testing capability aligned to a recognised industry standard framework.
Lead, mentor, and manage a team of cyber security specialists in performing security assessments and penetration testing on internal and cloud-based systems.
Deliver, execute, and update the organization's cyber security strategy, policies, processes and tooling for continued security improvements.
Monitor and analyse cyber threat intelligence and implement advanced security tools and techniques to identify and mitigate vulnerabilities.
Spearhead and perform security architecture reviews, security assessments, vulnerability assessments and penetration testing.
Develop mitigation strategies and drive remediation efforts to close identified risks.
Drive blue/red/purple teaming exercises to identify gaps and build SIEM/SOC use cases for proactive detection and prevention of potential threats.
Engage with relevant teams to ensure effective response to and containment of security incidents, including post-incident recovery and forensic investigation for root cause analysis.
Manage relationships with security partners and vendors, foster compliance with IT and organizational policies, and compile cyber security reports for management and stakeholders.
Promote a collaborative learning environment, ensure team capacity and skill alignment, and set clear performance management plans and KPIs to achieve security objectives.
Maintain the external attack surface management repository, keep abreast of emerging security issues, threats, and state-of-the-art mitigation strategies, sharing insights to bolster the Group's security posture.

QUALIFICATIONS
Relevant penetration testing certification such as Offensive Security Certified Professional (OSCP).
Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), etc. will be an added advantage.

JOB-RELATED KNOWLEDGE & EXPERIENCE
3-4 years (Diploma) or 2-3 years (Degree) of experience in the IT environment.
Strong knowledge of configuration and design of IT cyber security systems within an enterprise environment.
Strong knowledge of maintenance and support of IT cyber security systems.
Strong knowledge of IT governance and cyber security practices.
Strong knowledge and understanding of risk and compliance management.

JOB-RELATED SKILLS
Excellent written and verbal communication skills.
Ability to manage ambiguity/complexity.
Able to cultivate innovation.
Ability to collaborate cross-functionally.
Ability to establish and maintain strong relationships with stakeholders at different levels.
Cyber Security Management.

JOB-RELATED COMPETENCIES
Leading and Supervising.
Delivering Results and Meeting Customer Expectations.
Relating and Networking.
Applying Expertise and Technology.
Adapting and Responding to change.
Deciding and Initiating Action.
Presenting and Communicating Information.