Lead/ Senior Security Consultant

at  CPF Board

What the role is
As Lead/Senior Security Consultant, you will play a crucial role in helping over 4 million members save for their retirement, healthcare, and housing needs as well as helping them cope with life’s uncertainties. With a fulfilling career, career growth, and development opportunities, you will be part of a big family of dedicated professionals. Join us and champion the importance of cybersecurity in CPF systems and protect the CPF balances of Singaporeans.
What you will be working on
The jobholder is to keep the Board’s computer information systems secure, develop security programs and implement them across the Board and most importantly to build a resilient and safe cyber environment for the Board.

We are seeking for interested candidates who wish to pursue a career in Cybersecurity Governance and Assurance to join our dynamic team and contribute to the robust security posture of the Board in the following areas:

• Develop and implement cybersecurity governance frameworks, policies, and procedures to ensure compliance with industry standards and regulations.
• Conduct regular risk assessments and vulnerability assessments to identify potential security threats and weaknesses in systems and processes.
• Collaborate with cross-functional teams to design and implement effective security controls, monitoring mechanisms, and incident response plans.
• Evaluate and enhance existing cybersecurity programs to align with emerging threats and industry best practices.
• Lead and participate in internal and external cybersecurity audits, ensuring adherence to regulatory requirements and organizational policies.
• Provide expertise in evaluating and selecting security technologies, tools, and solutions to enhance the overall cybersecurity infrastructure.
• Stay abreast of industry trends, emerging threats, and advancements in cybersecurity to continuously improve the organization’s security posture.
• Work closely with stakeholders to communicate cybersecurity risks, recommendations, and mitigation strategies effectively.

What we are looking for

• Minimally 4 years of relevant information security work experience
• Relevant information security work experience
• Good knowledge of information security concepts and technologies (risk assessment, legal and regulatory requirements, threats, vulnerabilities)
• Strong understanding of industry standards, regulations, and frameworks e.g., National Institute of Standards and Technology (NIST), ISO 27001, Government’s Instruction Manuals, Center for Internet Security (CIS), Cyber Security Agency of Singapore’s Cybersecurity Act, Codes of Practice
• Hands-on experience with vulnerability management, risk assessment methodologies and security assessment tools such as exposure management and security validation, External Attack Surface Management (EASM)
• Specialised skills in one or more of the following i.e. malware analysis, penetration testing (application, systems and network), ethical hacking and computer forensics, end point detection, Web Application Firewall (WAF), SIEM and Database Activity Monitoring (DAM) will be an advantage
• Flexible in work assignment and willing to gain experiential learning by working in diverse functions where opportunities avail.

Seniority of appointment will be commensurate with relevant work experience.

What you can expect

• A challenging and rewarding career.
• A variety of formal and informal training where you can hone your skills in the evolving technology landscape.
• Promotion opportunities through your capability and on the job performance
• A friendly work environment to collaborate and co-create with like-minded colleagues.
• A hybrid work model where you can work remotely up to 50% of the time.
• A productive yet growth-oriented workplace with flexible dress code where you are empowered to decide your appropriate outfit for the day.
• Comprehensive rewards package.
• Annual leave and pro-family leave.
• Medical and dental benefits.
• Access to recreational activities.
• Position is on 2-year full-time contract directly under the payroll of CPF Board with potential for emplacement into permanent position.

Please refer the Job description for details