Cybersecurity Consultant - Managed Agencies

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures.As the Cybersecurity Consultant in one of the government agencies, you will work closely with both application and infrastructure teams to ensure that business needs are met, projects are delivered timely within projected costs, and ensure compliance are met within acceptable risks levels. You will also be called upon to support security operations and incident management.Responsibilities:Security Incident ManagementSupport IT security incident management, responses and reporting till closure. Develop, review, and maintain operational SOPs and playbooks on IT security incidents management. Coordinate and work with both internal and external teams to investigate and resolve IT security incidents (including identifying the source of infection, impact). Review and submit IT security incident reports including documenting the calendar of event for the incidents. Recommend improvements to prevent the recurrence of the IT security incidentsSecurity Operations & Reviews Review, monitor and respond to security alerts and notifications and ensure that they are attended to and addressed in a timely manner. Coordinate and work with both internal and external teams to conduct reviews (which includes but is not limited to security reviews, assessments, tests, and remediation). Plan, schedule, conduct and ensure information required for the reviews are provided by the relevant teamsEnsure reviews conducted are supported with documentary evidence and submitted timely to the agency's IT security team for closure. Security Audit & Vulnerability Assessment Provide support for audit activities and security testing (Vulnerability Assessment Scans Penetration Testing and Source Code Reviews). Ensure all findings and remediations are followed up within the time frames stipulated by relevant policies. Verify system components such as operating system, database, web servers, network devices are configured and set up according to the agency's security standards and requirementMonthly Reporting and Vendor ManagementOn top of monthly reporting, also includes providing and conducting IT security awareness, training and guidance to the users and vendors including recommending security practices and configurationsVendor management includes evaluating vendor performance and conduct regular assessments to ensure compliance with contractual agreements and service level expectationsRequirementsProven experience in IT security management with a focus on governance, risk, and compliance. In-depth knowledge of security governance frameworks, risk management methodologies, and compliance requirements. Familiar with relevant standards and regulations such as ISO 27001, GDPR, NIST, etcStrong analytical and problem-solving skills with the ability to communicate complex security and compliance issues effectively. Experience in securing SaaS Products and cloud security is preferredRelevant certifications such as CISSP, CISM, CRISC, or CGEIT are a plus. Join us and discover a meaningful and exciting career with Assurity Trusted Solutions!The remuneration package will commensurate with your qualifications and experience. Interested applicants, please click "Apply Now".We thank you for your interest and please note that only shortlisted candidates will be notified.By submitting your application, you agree that your personal data may be collected, used and disclosed by Assurity Trusted Solutions Pte. Ltd. (ATS), GovTech and their service providers and agents in accordance with ATS's privacy statement which can be found at: or such other successor site.BenefitsA wholly-owned subsidiary of GovTechWe promote a learning culture and encourage you to grow and learn