Client Information Security Lead Infra Enterprise

Were searching for a Client Information Security Lead (Infra Enterprise) to be part of our diverse team of talents here at NCS!

If you believe in going above and beyond want to exemplify the best and wish to bring people and technology together like never before then we would love to have a conversation with you!

Overview

Security privacy and operational resilience are critical issues facing all organizations today. We are currently looking for qualified and capable security minded individuals to be the driving force managing security governance throughout the lifecycle of client projects. You will proactively elevate the overall service quality to our Client while managing the necessary cyber security risk posture of NCS.

What we seek to accomplish together:

To support the LOB as an independent (i.e. Line 2 Infosecurity Advisory Compliance Assessment and Security Incident Response Management. You will work as the interface between NCS Enterprise SBG practice and NCS Corporate HQwide cybersecurity leadership driving organizationwide cyber security strategy implementation and in turn ensuring client and practice requirements are fed back into the continual improvement of relevant strategy policies and standards.

• To ensure cyber key risk indicators and controls are simplified relevant and effective for risk monitoring reporting and mitigation and in compliance with NCS Cyber Security Policies government legislation (e.g. IM8 Public Sector Data Security PDPA) and industry good practice.
• Conduct independent internal risk assessment on NCS Clientfacing projects to identify weakness and provide recommendations for improvement e.g. thematic assessment Risk Mitigation and Corrective & Preventive Action Plan.
• Alignment with business leaders to better understand the business goals and to bake appropriate security controls into the environment considering people processes and automation.
• Act as a cyber security incident response advisor on potential security matters. Partner as Subject Matter Expert (SME) with key business stakeholders including Risk Management Legal NCS IT Cyber Incident Response Team People & Culture and any external institutions (e.g. PDPC) that are critical to the success of cyber security.
• To drive the cyber security program and to improve cyber awareness for data security and its impact to the organisation.
• To enhance efficiency and improve reliability of operational security compliance and monitoring process using automation mechanism e.g. scripts and tooling.

Qualifications :

A little bit about you:

• Degree/Diploma or higher in Computer Science Information Systems or equivalent
• At least one industry recognized security certification is such as Certified Information Security Management (CISM) Certified Information Systems Security Professional (CISSP)
• 5 years of handson experience in information/cyber security risk assessment practice e.g. in the domains of Governance Risk & Compliance Secureddesign Engineering Cyber Security Operations Incident Response and/or Vulnerability Management
• Indepth working knowledge of cybersecurity risk assessment thematic audit data or security governance framework e.g. NIST CIS20 IM8 etc
• Knowledge of information security principles IM8 ISO 27001 controls Center for Internet Security (CIS) controls Cloud Controls Matrix (CCM) controls
• Handson experience with hybrid cloud infrastructure or system security security technologies and tooling e.g. identity access management remote access management endpoint security network security & administration and application security e.g. OWASP 10 (API web LLM mobile)
• Added advantage with experience in security incident response infrastructure/application penetration testing bug bounty program vulnerability assessment monitoring of secrets in public repository and cloud security operation
• Senior stakeholder management and working across various parts of the organization
• Team player with good interpersonal and communication skills both written and verbal

We are driven by our AEIOU beliefsAdventure Excellence Integrity Ownership and Unityand we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients Growing our people and Creating our future.  

Together we make the extraordinary happen.  

Learn more about us at ncs and visit our LinkedIn career site. 

We handle all profiles with the highest level of confidentiality.

Remote Work :

No

Employment Type :

Fulltime