Overview
Senior Cyber Security Specialist – GRC and Awareness Jobs in Singapore, Singapore at Singtel
Title: Senior Cyber Security Specialist – GRC and Awareness
Company: Singtel
Location: Singapore, Singapore
Type: Full Time
Category: IT/Tech, Security
Senior Cyber Security Specialist – GRC and Awareness Singtel The Singtel Group, Asia’s leading communications group, provides a
diverse
range of services including fixed, mobile, data, internet, TV, infocomms technology (ICT), and digital solutions.
An empowering career at Singtel begins with a Hello. Our
purpose
, to Empower Every Generation, connects people to the possibilities they need to a Part of Something BIG!
We create great technology that can change the future, and we’re looking for people to be part of our digital and 5G journey. If you like to work in a
dynamic
, leading communications technology group to deliver innovations and excellence across the region, come join our digital, software engineering, data, and cyber security teams!
Make an Impact by:
Driving and performing assessment and gap analysis using Group Control Library to measure control effectiveness against the target maturity level. Recommend corrective action, tracking remediation, and regular reporting to Cyber & Info Sec Head and Singtel IT and BU SLTs.Leading security-related initiatives to uplift control to improve the security posture or adhere to regulation requirements.
Regularly reviewing IAM, Cloud, and Web Application security setup against industry best practices and regulatory standards. Providing feedback on Group policies, BU procedures, and developing Control frameworks based on the evolving threat landscape and zero trust architecture.
Overseeing the monitoring of risk-mitigation measures/deviation and regularly reporting to management.
Monitoring Security KPI and KRI for enterprise and serving as an advisor to business on cyber risk-related inquiries.
Leading and continuously enhancing the security awareness program in Singtel to foster a proactive security culture through training and security advisory based on industry best practices and cyber threats.
Conducting phishing campaigns and monitoring the effectiveness of the security awareness initiative through metrics, driving improvements to adapt to the evolving security landscape and risk profiles.
Developing and implementing security metrics, generating reports or dashboards to assess and determine the effectiveness of implemented security standards and controls, and awareness programs for improvement.
Skills for Success:
Bachelor’s degree in computer science, Cyber Security, Information Systems, Computer Engineering, or a related discipline.
Minimum 5 years of Cyber Security experience with at least 3 years in Identity and Access Management, Cloud Security, and/or Web Application Security.
Minimum 2 years of practical experience in reviewing or developing Control libraries and driving adoption, and in performing policies and process gap analysis.
At least 2 years of developing security awareness programs including security advisory.
Experience in technology controls and policy review.
Good knowledge in security architecture on cloud-related, on-premises virtual infrastructure, containerized applications, network, and database.
Strong understanding of IAM concepts, including identity lifecycle management, RBAC, access governance, and “Least Privileged” access management methodology.
Experience developing and delivering security awareness programs.
…
