About the role
AI summarised: This is a 1-year contract IT Security Officer role at a technology organization. The officer will be responsible for incident response, security monitoring, vulnerability management, security governance, and collaboration with IT teams to ensure cybersecurity compliance and protection.
Electronics | Full-time | Information Technology
Key Responsibilities
- Track, manage, and escalate cybersecurity incidents and critical security threat events as required.
- Conduct information security awareness trainings to cultivate a security-conscious culture among staff.
- Stay current with emerging threats, vulnerabilities, and threat intelligence related to cloud platforms.
- Disseminate security advisories, threat intelligence reports, security directives, and patch recommendations promptly to the relevant stakeholders in the agencies.
- Partake in tabletop exercises, security risk management activities, audits and third-party assessments to enhance incident response readiness.
- Perform Vulnerability Assessments (Tenable Nessus) on applications (e.g. web client/server, mobile apps), networking and computing devices (e.g. firmware, Operating System).
- Analyse vulnerability scan results, recommend remediation actions, and track resolution status.
- Monitor security events on SIEM (e.g. Splunk, Cortex, Exabeam), perform event triage and analysis.
- Perform onboarding and vulnerability scanning of computing devices before connecting to the corporate network to ensure compliance with cyber hygiene standards.
- Conduct periodic security reviews to ensure adherence to IT Security Policies, Standards, Controls and industry best practices.
- Recommend and implement security initiatives and enhancements based on findings from tabletop exercises (TTX) and audits.
- Monitor and ensure compliance with secure configuration standards across networks, systems and endpoints (i.e. CIS Hardening) at agencies.
Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.
- Minimum 3 years of experience in Security Operations.
- Hands-on experience with security tools (e.g. SIEM, WAF, AV, EDR, PAM, DAM).
- Deep understanding of vulnerability management, threat analysis, and incident response (IR) processes.
- Good understanding of secure network design, endpoint security, and system hardening techniques.
- Familiarity with ICT security compliance frameworks, cybersecurity standards, and risk management practices.
- Familiar with IaC security (e.g. Terraform, CloudFormation) and CI/CD security.
- Professional certifications such as CISSP or CISM are preferred.
- Cloud certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate or equivalent would be advantageous.
- Strong analytical and problem-solving skills with attention to detail.
- Effective communication skills, both written and verbal, with the ability to clearly articulate security risks and recommendations.
- Ability to work independently with minimal supervision and collaboratively within a team in a dynamic and fast-paced environment.
- Proactive mindset with a continuous improvement attitude towards cybersecurity operations.