Job Description

We are looking for bright and talented individuals with strong Information Security and IT backgrounds and a desire to provide security consulting services for clients in various industries. You will provide consulting services focused on information and cyber security. Team members are provided the opportunity to interact with senior management as well as the opportunity to enhance their skills in the areas of security knowledge, technical competency, business development, client service and people development. Key Accountabilities

• Lead and implement information / IT security engagements for clients.
• Provide expert advice, guidance and support on information security. This could be on technical or process aspects (such as Information Security Management Systems (ISMS) or ISO 27001, Business Continuity Management / IT Disaster Recovery Management or ISO 22301/ ISO 27301, Data Loss Prevention (DLP), Identity and Access Management (IAM), cloud security, cyber security design, tools and solutions, security strategy and security project management).
• Provide experience and advice in the identification, assessment, mitigation and management of information security risks and issues across the information security spectrum.
• Identify, translate and capture business requirements and best practices for Information Security into technically feasible and user friendly deliverables and communicate to clients and their information security staff or regulators to achieve strategic alignment from internal and external stakeholders.
• Conduct training on information security solutions when required.
• Gain understanding of key customer and market issues, build opportunities, create proposals and make presentations to clients as required.
• Lead and manage teams, prioritize responsibilities and tasks in order to deliver quality and timely results and coach & motivate employees.

Qualifications & Requirements:

• Degree in any discipline and/or MBA from a recognised institution; IT Degree preferred.
• Minimum 8 years of working experiences in Information Security or IT security and IT systems and / or industry knowledge. Working experience in big 4 companies or multinationals is preferred.
• Must have at least two of the following security certifications CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, ISO 27001 Lead Auditor, etc.
• Any additional security certifications Related certifications are a plus e.g. CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, CCSK, CEH, CCNA, ISO 27001 Lead Auditor, etc.
• Good overall understanding of the information security roles and activities.
• Strong understanding of information security & regulatory standards/ frameworks; e.g. ISO/IEC27001, COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, BNM RMiT, MAS TRM Guidelines, etc.
• Good technical knowledge on at least five of the following areas:
  • Data Security, Privacy, Classification and Data Loss Protection.
  • IT Disaster Recovery Planning and Business Continuity Management.
  • Network security architecture, management and controls including firewall, routers, IPS etc.
  • Threat Intelligence & Advanced Persistent Threats (APT).
  • Security Strategy and Roadmaps.
  • Security Policy, Standard and Framework.
  • Information Security Management Systems.
  • Log Management and SIEM.
  • Identity and access management solutions and implementation.
  • Cloud security.
  • Governance, Risk and Compliance (GRC).
• Good project management skills.
• Experience in leading a team and in project management.
• Familiarity and experience with security standards and regulatory frameworks (e.g. ISO/IEC 27001, ITIL, BNM RMiT, MAS TRM Guidelines, PCI-DSS, etc.)
• Proven track record of delivering security projects on ISMS / BCP / IT DR / DLP / GRC / IAM.
• Proven experience in a particular industry such as financial services, telecom, government etc.

At Firmus, we embrace Diversity, Equity, and Inclusion (DEI) as foundational pillars of our workplace culture. We are opposed to discrimination on any basis, including but not limited to race, religion, color, gender identity, sexual orientation, national origin or any characteristic protected by applicable law. Our commitment to fostering a diverse and inclusive workforce is unwavering, and every employment decision is rooted in the principles of DEI, guided by qualifications, merit, and the genuine requirements of our business.

Interested candidates please submit your application through Jobstore