Risk Manager, Assessment

  • Competitive
  • Singapore
  • Permanent, Full time
  • Morgan McKinley Singapore
  • 15 Oct 18

Risk Manager, Assessment

Responsibilities:

  • Security review of systems, highlight security risks, and make recommendations to mitigate the risks.
  • Activities include outsourcing security review, external connection review, network security assessment, and business criticality assessment.
  • Review of firewall rules for excessive access and risky services.
  • Security configuration review of technology platforms to ensure that they are adequately secured.
  • Security Testing (Vulnerability Assessment and Penetration Testing)
  • Perform scheduled CSIRT duties, and support CSIRT Commander in the event of a security incident.
  • Review and update current CSIRT procedure to comply with regulatory and internal requirements, and current threat landscape
  • Engage stakeholders to review, update, and formalise security standards, processes and procedures.
  • Maintain oversight and adherence to established security processes, procedures and checklists. This includes alignment to the Head Office information security policies, guidelines and standards.
  • Advice stakeholders on security gap remediation, track identified security gaps to closure and escalate potential delays to management in a timely manner
  • Support department initiatives and ad-hoc work as assigned - audit / regulatory inspection and request from the Head Office, etc.

Requirements:
  • Familiar with risk management methodology and experience in management and/or assessment of security technologies, processes and recommending the appropriate controls requirement.
  • Ability to identify security risks and assess adequacy of controls as well as being able to make suitable recommendations for control enhancements are key requirements for this role.
  • Experienced in using automated tools to perform firewall rules review, security configuration review and vulnerability discovery.