IT Security and Operation Specialist (Asst Manager Level)

FIND YOUR 'BETTER' AT Blue Care

We don’t simply believe in being ‘The Best’. We believe in better - because there’s no limit to how far ‘better’ can take us.

We believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. So that together we can support even more people - including our own - to live Healthier, Longer, Better Lives.

If you believe in better, we’d love to hear from you.

About the Role

This Specialist will act as the primary contact between the Group Cybersecurity Team and internal teams, ensuring efficient communication, incident tracking, and resolution facilitation.

This Specialist will be responsible to the implementation and execution of information security management governance programmes with the alignment of the Group Information Security’s strategic direction.

Additionally, this Specialist will be responsible for firewall rule reviews and Web Application Firewall (WAF) support, ensuring secure configurations and compliance with security policies.

The position requires availability for non-office hours to handle urgent security incidents.Roles and Responsibilities:

BAU Operations (40%)
Work with Group and local Risk team to handle Third Party Risk Management
Work on Third Party Security Assessment for both internal and external parties
Work with Group Information Security team to handle the issue reported at Weekly Security Dashboard
Firewall Rule Review: i) Review and validate firewall rule change requests to ensure security compliance; ii) Work with IT teams to optimize firewall rules and reduce unnecessary access.
Web Application Firewall (WAF) Support: i) Assist in managing and tuning WAF policies to protect web applications; ii) Support troubleshooting and resolving WAF-related issues.
Support audits, compliance, risk assessments and continuous security improvements.

Security Operations (40%)
Be the local SME on products and solutions offered by Group Information Security and follow up with them on all related issues
In charge of the annual recertifications of both local and Group-wide programs across all departments
Work with application teams to document and onboard new applications to strategic solutions offered by Group Information Security
Partner with Group Information Security to maintain local specific security configurations
Automate the data generation and reconcile the inventory for management reporting
Work on information preparation for audit requests

Cyber Hygiene (20%)
Execute the governance programs on security healthiness of IT assets such as applications, servers, databases, workstations, LAN ID, PIDs, etc.
Prepare the issue report for management attention
Drive the remediation of all information security issues

Minimum Job Requirements:
Bachelor’s Degree, preferred in Computer Science, Information System or related disciplines
3+ years of working experience in Information Security management, or relevant control functions in financial field.
Familiarize with Information Security management and regulatory requirements.
Previous IT risk control or audit experience, and project management are preferable.
Able to work independently, handle and manage tasks with tight deadlines.
Excellent presentation and communication skills.
Support ad-hoc tasks and assignments from the supervisor, including project-related security reviews or urgent security requests.
Certified with CISSP, CISA or CISM will be an advantage.
Experience in a multinational or regional security team is a plus.

Others:
You are required to obtain the relevant license(s) if your job involves regulated activities

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.