93 Privileged Access jobs in Singapore

Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance.
Responsible for the Governance, Risk and Compliance technical implementation of personal information protection requirements.
Project management, plan and coordinate security tools implementation throughout the overseas region. Providing periodic reporting of progress and issues.
Conduct and perform periodic security awareness training and phishing campaigns.
Responsible for the break-down and implementation of the development work in the baseline specification and technical architecture.
The ideal candidates we are looking for should be seasoned Information Security Professionals with:
KEY REQUIREMENTS
Bachelor’s degree or above in Computer Science.
At least 3 years working experience in network or information security related fields.
Familiar with ISO27001, ITIL related technical standards and control measures.
Familiar with common information security products and technical principles, e.g. system and network security, DLP, antivirus, encryption, SIEM, Zero Trust etc.
Security certification such as CISSP, CISA, CCNP, CCIE is preferred.
#J-18808-Ljbffr

**Line of Service**Internal Firm Services**Industry/Sector**Not Applicable**Specialism**IFS - Risk & Quality (R&Q)**Management Level**Associate**Job Description & Summary**At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at
If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology.
In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program.
Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack.
Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients.
If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.**Roles & Responsibilities**:**Project Support:*** Assist in the planning, execution, and monitoring of projects.* Utilise strong critical thinking and problem solving skills day to day* Collaborate with team members to ensure project deliverables are met on time and within scope.* Prepare and maintain project documentation, including reports, presentations, and meeting minutes.* Quickly adapt to changing priorities and project requirements.* Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.* Proactively identify and address potential issues or roadblocks to ensure smooth project execution.* Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.**Compliance and Vulnerability Management:*** Support work in vulnerability management and compliance activities* Handles BAU activities such as managing security exceptions* Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.* Collaborate with PwC IT and global team to align security process and tools.**Application Security:*** Guide and support the business team to complete all required security reviews* Build knowledge on application security to effectively support security assessments* Align with different global and local teams to identify and fix gaps or risk found.**Other*** Help with daily security incident handling* Help to manage junior staff, eg. internsAn effective CISO pillar candidate will also possess the following **skills/ Requirements*** Able to work in a fast-paced environment, can upskill quickly and learn proactively* Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.* Technical: Broad understanding of security technology.* Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.* Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment* Understanding of technical and non-technical information security risks.* Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.)* Good written and effective communicator to deal with various stakeholders* Meticulous and possesses an eye for details* Proactive, keen to learn, enjoys solving challenging problems, thinking outside of the box* Diligent and open to feedback* Experience in a role balanced between business stakeholders and a central service organization.* Possess knowledge about application security to effectively support security assessments* Time and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on time**Education and Experience**:* Interest in Information Security* Bachelor’s or master’s degree (technical degree) or equivalent Industry certification**Candidate Specifications:***Desired Certifications:** (Certifications aren’t a prerequisite however are well regarded)**Education Level:** Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 - 4 years’ of progressive professional roles involving information security, computer science and/or other technical background**Education** *(if blank, degree and/or field of study not specified)*Degrees/Field of Study required:Degrees/Field of Study preferred:**Certifications** *(if blank, certifications not specified)***Required Skills**Application Security, Application Security Assessment, Application Security Assessments, Application Security Reviews, Application Security Testing, Cybersecurity Controls, Cyber Security Standards, Security Vulnerability Assessments, Threat and Vulnerability Assessment, Vulnerability Assessments, Web Application Security, Web Application Security Testing**Optional Skills**Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}**Desired Languages** *(If blank, desired languages not specified)***Travel Requirements**0%NoNo**Job Posting End Date**
#J-18808-Ljbffr

Perform IT security operations involving activities such as security
log reviews, vulnerability assessments, security access review and
security configuration review to ensure compliance based on customers'
requirements. Critical Key Functions and Key Tasks Perform
Vulnerability Assessment Scanning

* Work with the internal project
team and customers to establish the in-scope inventories.

* Prepare the environment and complete the pre-scan activities.

* Conduct vulnerability assessment scanning using the designated tool.

* Review
the scan results, process the results, and issue the scan reports to
stakeholders. * Follow up with the internal teams on the remediation.
* Published the remediation status IT Security Incident Management

* Involved in IT Security Incident Response Team (SIRT)

* Work with internal teams to resolve the reported security incidents

* Provide periodic status updates to IT Security Manager IT Security Alerts &
Advisory

* Tracking of IT security alerts and advisory issued by SOC and threat intelligence authorities. * Inform the appropriate stakeholders on the alert notifications

* Track the progress of remediations by the respective teams to ensure proper closure

* Conduct Security Log reviews

* Perform review of security logs in accordance to the agreed frequency.

* Investigate and clarify any anomaly with the respective towers.

* Escalate potential security incidents to project team and customers for attention.

* Prepare periodic log review reports. Security Advisory and Briefing

* Be the point-of-contact/customer liaison to assist and advise customer for ICT security related matters

* Conduct in Weekly / Monthly meeting with Customers on security related matters.

* Prepare the content and material relevant to the projects

* Conduct information security awareness training Support Audit & Compliance

* Act as the liaison officer for the IT security reviews and audits

* Collate and review information requested by auditors from respective teams.

* Support the auditors during audit period.

* Work with the team to review and respond to audit issues.

* Work with the team to remediate audit findings.

* Monitor and track the closure of audit findings.

* Other Ad-hoc activities instructed by manager.

This Cyber Security Analyst role is responsible for safeguarding the organization's digital assets by identifying and mitigating potential security risks, monitoring network activity for unusual behaviour, and responding to incidents.

• Safeguard Digital Assets : Protect the organization's digital assets from potential security threats.
• Analyze Security Logs : Analyze security logs, SIEM alerts, and incident reports to identify and mitigate potential security risks.
• Respond to Incidents : Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks.
• Monitor Networks : Monitor networks and systems for security breaches, alerts, and anomalous activity.

• Bachelor Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field.
• At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.

Responsibility:

• Responsible for provision, deployment, configuration, and administration of many different pieces of network and security-related hardware and software.
• Responsible for evaluate, test, and troubleshoot technologies when new technologies are onboard
• Responsible for provide technical support for resolution of customer problems, incidents, issues, requests, and queries
• Configuring network devices, such as routers and switches, and ensuring they are up-to-date
• Experience with firewall rules implementation and troubleshooting upon incidents.
• Monitoring network performance, identifying areas for improvement, and ensuring optimal network uptime.
• Involve in update/upgrade/migration of security tools used by the team
• Maintain clear and functional documentations on process guides, technical instructions, network details, etc.
• Manage cybersecurity projects & coordinate with customer to deliver security solutions and initiatives timely.
• Any other adhoc duties as assigned

Requirements:

• Nitec/Diploma in Computer Engineering, Information Security or related field;
• Applicants with at least 1 years of relevant experience
• Strong knowledge of networking protocols (TCP/IP, DNS, DHCP), network devices (routers, switches, firewalls), and operating systems.
• Strong knowledge and understanding of IT infrastructure and security operations
• Ability to diagnose and resolve network issues effectively.
• Knowledge and understanding of Endpoint security, IDPS, WAF, APT, FW, Cloud Security
• Experience in enterprise level network

Interested applicants, please Email , and look for

Jensen Fang Lifa

Recruit Express Pte Ltd

EA License No. 99C4599

EA Personnel Registration Number: R

We regret that only shortlisted candidates will be contacted.

Cybersecurity Analyst Engineer Role

We are partnering with a well-funded tech company to hire a Cybersecurity Analyst Engineer who will support the team's security needs.

• Monitor threats and implement proactive measures to protect assets.
• Deploy and maintain enterprise security monitoring solutions for seamless operation.
• Create detection rules, automated workflows, and ensure compliance with relevant regulations.
• Support incident response and troubleshoot security issues in a timely manner.
• Collaborate on secure application deployment, ensuring high levels of security.
• Possess strong analytical and technical skills with experience in security platforms.

The ideal candidate has a solid understanding of security principles and practices, as well as excellent communication and teamwork skills.

Key Requirements:

• Perl
• Information Security
• Security Operations
• Remediation
• Cyber Security
• Investigation
• Scripting
• Protocol
• Compliance
• Operating Systems
• Threat Intelligence
• Intrusion Detection
• Network Security
• Linux
• CISSP

Benefits:

This role offers an exciting opportunity for professional growth and development in the field of cybersecurity.

About Us:

This job requires collaboration with teams to ensure high levels of security.

Job Description
Regional Information Security Management: Establish a management framework for information security across Asia and Arab region.
Develop and implement procedures for regional information security management and operation.
Plan and execute deployment of Otsuka Group standard technology (e.g., security monitoring tools, vulnerability management tools, and phishing reports and simulation tools) in the region.
Factory and Laboratory Security in Asia and Arab Region
Establish a management and advisory framework for factories and laboratories in the region.
Design and implement security risk controls for newly established factories in the region.
Plan, develop, and operate shared security infrastructure for subsidiaries in the region.
Security Compliance Monitoring for Otsuka Global Security Policies
Plan and execute compliance monitoring activities for global security policies, including those applicable to factories and laboratories in the region.
Support subsidiaries in planning and executing remediation actions.
Security Advisory Desk for Subsidiaries
Provide expert security advisory support to subsidiaries in the region
Regularly or on-demand, notify subsidiaries of recent cyber security threats and vulnerabilities.
Security Incident Responses
Support or, if necessary act as the commander in responding to security incidents in the region.
Lead and manage the OSG CSIRT (Cybersecurity Incident Response Team).
Job Requirements
(Required) Information/Cyber Security Expertise
Minimum of 5 years of professional experience in information security, risk management, or IT governance/audit.
Bachelor's degree in computer science, information security, information technology, or a related field.
If you do not have one of the above degrees, you should have a related professional certification to prove your expertise (e.g., CISSP, CISM, CISA, CRISC)
Familiarity with cloud security, network security, and security infrastructure (endpoint protection, security event detection, and identity and access management).
Familiarity with operational technology (OT) security in factories, plants, and laboratories.
Extensive experience serving as a commander in cyberattack response.
Knowledge of regulatory requirements (e.g., GDPR) and industry standards (e.g., NIST).
(Required) Language Proficiency
Business-level fluency in both Japanese (JLPT N1 or equivalent) and English. These two languages are essential for daily operations and communication with our Japan headquarters as well as group companies, subsidiaries across Asia and Arab Region.
(Preferred) Multinational Company Experience
Demonstrated ability to work effectively in multinational corporate environments, collaborating across diverse cultures and organizational structures.
Experience in developing security programs and procedures across regional subsidiaries.
(Preferred) Leadership and Management Experience in Asia and Arab Region
Demonstrated ability to lead and coordinate multiple subsidiaries across Asia and Arab region.
Multiple successful completions of security projects for subsidiaries in the region.
Ability to manage cross-functional teams and drive change in complex environments.
(Preferred) Additional Language Proficiency
Additional language capabilities are considered an asset for regional communication and collaboration.
#J-18808-Ljbffr

Responsibilities:
Lead the agency-level cybersecurity function in supporting agency digital transformation initiatives whilst ensuring digital resilience of agency systems.
Formulate and implement agency cybersecurity strategies, policies and work plans, ensuring continuous alignment with agency's business strategic goals.
Review and enhance risk management through threat-based risk assessments, risk mitigations, risk monitoring and reporting.
Provide consultation and endorse risk management and mitigation plans from agency’s project teams.
Govern and enhance the agency's security posture by maintaining visibility and oversight of ICT assets, security architectures, and cybersecurity operations code of practices.
Develop and maintain incident response plan and playbooks. This involves planning, designing and conduct of security incident response workshops and exercises (table-top exercises, simulation and drills) as well as lead the investigation and management of ICT security incidents.
Provide advisory and recommendations on appropriate cybersecurity technologies to be deployed that meets agency’s business requirements and aligned with WOG-wide advisories and practices.
Ensure secure by design ICT product development, and that security controls implementations comply with the defined security policies, standards and guidelines.
Develop and maintain effective cybersecurity awareness and training programmes
Requirements:
Degree in Computer Science, Information Systems, Engineering or related Technology field.
At least 8-10 years of management experience related to information security and solid grasp of ICT operations, security policies, business processes and the relationship between them.
Ability to work with multi-functional, multi-disciplined teams to formulate, institute real time awareness of security posture and baseline among end users.
Good interpersonal and partner/executive leadership skills.
Demonstrate knowledge and experience in security by design implementations, review of system architecture, devsecops practices, Infrastructure as Code (IaC) tools and securing CI/CD pipelines.
Demonstrate understanding of cloud service models (IaaS, PaaS, SaaS), coupled with a strong understanding of core cloud services and modern cloud-native architectures (serverless, containers, microservices).
Identify on-premises and cloud-specific cybersecurity risks and threats, demonstrating skills to thoroughly assess their impact and likelihood. This assessment encompasses, but is not limited to, secure configurations, insider threats, vendor risks, data leakage, malwares including ransomware, account hijacking, and compliance risks.
Evaluate the effectiveness of existing controls and recommending appropriate mitigation strategies for on-premises and cloud-related cybersecurity and data security issues.
Display understanding of emerging threats and technologies, and the ability to translate risk into business impact.
Strong understanding of compliance requirements and the ability to identify potential violations in on-premises or cloud environments.
Able to communicate cyber security topics effectively to senior stakeholders.
Minimally possess CISSP certification, preferably with other related certifications, e.g. CISM, CCSP, GCIH that demonstrates continuous learning and knowledge of industry best practices.
We believe in being Agile, Bold and Collaborative, and are looking for people who identify with these values.
#J-18808-Ljbffr

Overview
Join to apply for the
Project Manager - Information Security
role at
Shopee .
Responsibilities
Drive the planning, execution, and monitoring of information security projects.
Track project progress, identify risks, and develop mitigation strategies.
Coordinate with project stakeholders, including security engineers, developers and SREs.
Collaborate with IT compliance to address compliance-related issues and ensure that projects are aligned with regulatory requirements.
Analyse existing processes, identify areas for improvement, optimise workflows, and implement changes.
Qualifications
Bachelor's degree or higher in Computer Science, Information Security, or a related field.
Strong project management skills, including planning, organising, and time management.
Excellent communication and interpersonal skills.
Demonstrates a keen interest in, and understanding of information security or cybersecurity.
Self-driven with the ability to work independently and as part of a team.
Job details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Internet Marketplace Platforms and Technology, Information and Internet
Note: This description focuses on the role responsibilities and required qualifications. Boilerplate referrals or unrelated role listings have been removed.
#J-18808-Ljbffr