Cyber Security Specialist

Company Description

The Ministry of Housing Pte. Ltd (MES Group, established in 1977), is a regional long-term investor specializing in property investment and management. Renowned as a leading player in the logistics and real estate industry, we excel in managing diversified real estate portfolios.

As a Singapore real estate investment trust and investment holding company, we leverage our expertise to deliver sustainable growth and value to our stakeholders.

Job Description​

You will be a member of the Group Technology Dept responsible for ensuring corporate applications, systems, networks, and digital assets are adequately protected and mitigated against cyber threats and risks. You will help drive cybersecurity and risk management efforts and user awareness and education within the Group.​

Requirements​

• Degree in IT or related fields, with 4-5 years relevant information security working experience, especially in the application security space.​
• Professional security certifications (CISSP, CISA, CEH etc) preferred.​
• Experience with Governance, Risk and Compliance (GRC) activities.​
• Familiar with PCI, PDPA, GDPR requirements​
• Experience in security technologies, practices, application/network/systems architecture and design, tests tools and processes.​
• Knowledge of cyber security threats, vulnerabilities, hacking and exploit methods etc​
• Strong oral, written, presentation and inter-personal skills.​
• Possess positive attitude with drive, initiative, enthusiasm and a keen sense of urgency in resolving high-priority issues.​
• Able to work independently and in a team-oriented, collaborative environment.​

​

**Key Responsibilities include:**​

• Provide cyber governance and risk management oversight.​
• Manage the security policy framework and relevant standards.​
• Oversee applicable security, regulatory, privacy, contractual cyber requirements.​
• Manage cyber risk analysis and self-assessments program for various information services, systems, processes, and recognized industry standards.​
• Conduct risk assessments, document results, and propose and track remediation tasks.​
• Develop compliance program top routinely assess existing infrastructure, systems, and applications for compliance and vulnerabilities and propose relevant mitigating controls.​
• Conduct vulnerability assessments and track remediation status of identified vulnerabilities.​
• Identify and assess cyber risks and recommend and drive cyber security solutions and initiatives to improve cybersecurity posture.​
• Define controls to meet regulatory, legislative, and industry specific compliance requirements.​
• Manage third party cyber risk assessment standards.​
• Prepare IT security related KPI reports and management reports for compliance monitoring and reporting.​
• Drive the implementation of GRC tool.​
• Maintain user cyber awareness and provide security advisory on emerging security threats and vulnerabilities.​
• Develop, review, and continuously improve IT security training material and conduct user training to improve user awareness and incident response readiness.​
• This role may be seconded to any of the subsidiary group.​
• Acquire relevant certification eg. ISO 27001 going forward.​