SMO (IT Security)

Are you looking for value adding and impactful work?
Do you want to make a difference with your expertise?

With us, you’ll be able to make it happen. 

NCS is a leading technology services firm, operating across Asia Pacific in over 20 countries, providing services and solutions in consulting, digital services, technology, and more.

We believe in utilizing the power of technology to make extraordinary things happen and to create lasting impact and value for our people, communities, and partners. Our diverse 12,000-strong workforce has delivered a wealth of large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

What we do

We drive our passion for harnessing technology.
We bring people and technology together.
We advance communities and transform industries.

You will be part of a team of highly motivated individuals in the IT Governance Team, managing the services delivery and operations support of IT infrastructure on behalf of a key client of NCS.  You should have proven track records in areas of Stakeholder Management, IT Service Management, Cybersecurity Incident Management, IT Security Management, and IT Security Compliance & QA Management. You should also be familiar with relevant IT Infrastructure domains.

If you thrive on being part of IT Services delivery and on transforming the clients’ operation, then this is the position for you. Your 'hands-on' knowledge, vast exposure and wealth of experience either in vendor and/or user environments, coupled with a driven and self-motivated personality, will ensure your success.

Responsibilities

You will be performing the following scope of work for the IT Security systems and devices for a key client of NCS:

1. IT Service Management
2. Cybersecurity Incident Management
3. IT Security Management
4. IT Security Compliance & QA Management

The following are the activities in each scope of work:

Service Management

• Monitor and report on the SLA/KPI of the in-scope systems, grouped under the System Family, to the client
• Liaise and work directly with client (stakeholders, Ops Managers and/or Contractors) for purpose of project delivery and maintenance support.
• Monitor and update client on operation concern and/or compliance matters and propose resolution.
• Provide monthly summary and/or progress report on systems health, statuses, risk status and status of CR/SR and System Problem.
• Conduct and/or participate in management update meetings - CAB, Operations, Service Review, Audit and Management Meeting.
• Review reports from Operations & Support (O&S) project teams within the System Family
• Provide support to O&S Project teams during Audit, DR/BCP, Backup & Recovery exercise.
• Propose continuous improvement initiatives with recommendations to strengthen IT governance & compliance, increase efficiency on work quality and processes.
• Prepare Management plan and submit compilation to the Client annually

IT Configuration Management

• Periodically review IT asset inventory (hardware, software, network equipment, network attached equipment and end-points) records maintained and updated by Client appointed Asset Officer.
• Maintain oversight and review the Obsolescence at System Family Level.
• Prepare and submit report to Client

Incident Management

• Lead investigation and resolution of incident
• Conduct root cause analysis and recommend improvement solution for recurrent incident to Client

IT Security Management

• Schedule security scan for identified systems according to policies and verify all vulnerability rectifications are satisfactorily performed.
• Conduct Security Review on System Access and administration patterns weekly, and report unusual or suspicious activities, if any, to SMO Head Office.
• Track, mitigate and deploy patch security vulnerabilities accordingly to the stipulated timeline. Maintain oversight and submit reports on monthly basis.
• Escalate and/or seek Client’s acceptance and approval of assessed risks.

IT Security Compliance & QA Management

• Ensure compliance status of the Systems adheres to applicable standards, polices, directives and guidelines.
• Declare, review and report compliance status to SMO head office annually.
• During audit exercise, work with stakeholders to provide responses and evidence to auditors or compliance related declarations.
• Provide a Rectification Plan on any gaps found.
• Provide rectification plan for issues arising from audit.
• Seek waiver on compliance whenever it is justifiable.
• Ensure all applicable standards, policies, directives, guidelines, deliverables and quality assurance records are filed and kept up-to-date for audit and review purposes.
• Work with Client on system enhancement required for policy changes and audit requirements.

The ideal profile should have / be:

• BSc degree in Information Systems, Computer Science or similar relevant field
• Certification in CISSP / OSCP / CPSA / CRT for IT Security is a must
• Certification in CISA / CISM / CRISC / CGEIT is preferred and will be advantage
• At least 8 years of relevant experience in Cybersecurity / information systems security practice including governance, managing security policies and systems and assessing threats and vulnerabilities with at least 12 years of IT experience
• Well-versed and experienced in relevant IT Infrastructure domains will be an advantage
• Self-motivated, creative with excellent presentation, communication, negotiation and interpersonal skills including strong persuasive techniques
• Able to lead, develop and maintain respectful and trusting relationship

• Experience in leading a team is preferred
• Outstanding organizational and time management skills
• Analytical thinker and problem solver
• Attention to details
• Manage issues & risks and ensure timely escalation
• Ability to manage concurrent tasks