Experis Singapore

Product Security Officer (Central/Perm)

Experis Singapore| Date Posted: 8-May-2021
EA Licence No: 02C3423
Save Job
Job Nature:
Permanent

Job Description



In this role you will work closely within the Product Team and R&D, cooperate with IT, Solutions Team, Enterprise RFP Bid Team, Global Operations and the rest of the organization.
As a Product Security Officer you will work closely with Product and IT teams to ensure our Infrastructure and Services are compliant to Enterprise grade security and data privacy requirements.
You will also be directly involved with Commercial and Technical Teams during the Bid Phase to work out the scope of the services to be delivered to the Customers, with focus on security related considerations. This will enable you to understand market expectations and - in collaboration with Product and Engineering teams - to translate it into the roadmap requirements and follow implementation.

THE RESPONSIBILITIES:
  • Define the Product Line Security Requirements
  • Address Security posture and security profile, including end to end security:
  • Evaluate the IT threat landscape, devising policy and controls to reduce risks
  • Infrastructure Hardening and Security compliance:
  • Vender/Product evaluation for security
  • Performing regular vulnerability assessments for internal and external stakeholders
  • Keeps up to date on updates and patches regarding emerging security vulnerabilities
  • Enforces change controls to make sure we are fully up to date on infrastructure and software security
  • Disaster recovery and business continuity:
  • Creates and enforces a backup / DR plan to address cyberattacks, including ransomware attacks
  • Creates and maintains a restoration plan of services
  • Participates in RFP response and define requirements for better compliance
  • Actively participates in defining the Security aspect of solutioning with the Solution Team
  • Own and maintain the ISO certification. Coordinate audit-related tasks such as ensuring the readiness of managers and their organizations for audit testing and facilitating the timely resolution of audit findings
  • Work directly with the IT Security Officer to set priorities and define demand for the IT Department
  • Work directly with the General Counsel and Legal department
  • Participate in the Incident Response Team to cover security aspects
  • Fulfill customer requests for completion of security related documentation. Including all Security Requirements forms, Information Security Agreements, Business Associates Agreements, and other relevant forms
  • Identify technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks; driving implementation of these
  • Drive the execution of security awareness trainings for all employees and secure coding training for all developers.



EXPERIENCE:
  • A minimum of 5 or more years of proven work experience in a similar position;
  • Understanding of security concepts, tools, techniques and technologies
  • Understanding of basic data privacy concepts, experience in a GDPR compliant organization
  • Experience with network and security technologies, familiarity with systems and SIEM monitoring tools
  • Hands on experience in AWS and Azure environments is good to have
  • A certification as Certified Information Systems Security Professional (CISSP) or similar is beneficial
  • Familiarity with web related technologies and of network/web related protocols
  • Experience in coordinating and acting on insights from compliance and security audits
  • Problem solving skills and ability to work under pressure
  • A pro-active self-starter, capable of working with minimal supervision
  • Good understanding of software development lifecycle


Arvin Clark Sikat, Sombilla EA License No.: 02C3423 Personnel Registration No.: R1222536

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.experis.com.sg/privacy-policy
Company Overview
Experis Singapore