Manager - IT Security

As Manager of IT Security, the role is pivotal in safeguarding organization information technology environment. The job exists to ensure organization digital world presence remains safe and resilient. The role plays crucial part in protecting business from cyber threats, ensuring compliance with regulations and maintaining the trust of the consumers and partners. The work directly contributes to the uninterrupted operation, growth of organization and align in positioning business for success in increasingly digital world.

• Security Team Player : Collaborate with cross border IT security team and interrelated IT teams (e.g., Infrastructure team, Project team, Technology Risk Team, etc.) to create a robust and secure network architecture.
• Firewall Reviewer : Take charge of reviewing firewall requests and optimizing firewall rules. Involve in coordinating regular reviews to eliminate outdated, not in use, redundant and risky rules.
• Server Hardening Reviewer : Proficiency in Windows and Linux based OS to perform comprehensive assessment and review for server hardening in accordance with organization security standards and assess the exception request accordingly when server deviates from organization security standards. To ensure hardening in line with organization security standards, reducing risks and maintain robust infrastructure.
• Vulnerability Assessment : Conduct quarterly and ad hoc vulnerability assessment on organization infrastructure to proactively identify and mitigate risks.
• Cloud Posture Monitoring : Continuously monitor AWS / Azure environments using cloud native and third-party tools to detect, track and report misconfigurations, policy violations and non-compliant resources.
• Change Reviewer : Represent Infra Security in Change Approval Committee (CAC), reviewing change requests with potential security implications.
• DLP Management : Responsible in assessing and managing DLP measures both for endpoints and network (e.g., cloud storage access). The role includes coordination with Technology Risk Management team, configuring and monitoring the access request.
• Third-Party Security Assessment : Assist the Third-Party Review Committee in conducting comprehensive security evaluations prior to onboarding and ensure proper facilitation of data deletion during offboarding.

We are looking for people with

How you succeed

Who we are

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions to customers through three successful distribution channels – a tied agency force, bancassurance, and financial advisory firm Great Eastern Financial Advisers. The Group also operates in Indonesia and Brunei.

The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have been assigned the financial strength and counterparty credit ratings of "AA-" by S&P Global Ratings since 2010, one of the highest among Asian life insurance companies. Great Eastern's asset management subsidiary, Lion Global Investors Limited, is one of the leading asset management companies in Southeast Asia.

Great Eastern is a subsidiary of OCBC, the longest established Singapore bank, formed in 1932. It is the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s and AA- by both Fitch and S&P. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.

#J-18808-Ljbffr