Job Description
Our Client:
Our client is one of the top leading travel company with its headquarters in in Japan. Their Singapore office is looking for a IT Infrastructure & Security Manager
The Responsibilities:
* Reporting Line Senior Manager
IT Infrastructure
* Strategy management for IT infrastructure services (Identify and recommend new technologies for business needs)
* Execute IT Infrastructure Service Lifecycle (availability management, capacity management, continuity management, asset management, incident and problem management, and vendor
* management)
* Contribute to the IT strategic planning and budgeting (plan, control and manage the yearly budget)
* Network management (WAN & LAN infrastructure, IP-VPN, SSL-VPN) of the entire Asia Pacific region
* Web Infrastructure management
* AWS management
* Continual IT Infrastructure services improvement
Information Security Governance
* Establish and maintain an information security strategy in alignment with organizational goals and objectives to guide the establishment and ongoing management of the information security program
* Review and enhance IT policies, standards, guidelines and best practices periodically to ensure that the policy is aligned with organization objectives
* Develop and implement effective change management plan (such as communication plan and training programs) to drive adoption, implementation and compliance
* Implement and drive IT process improvement to enhance efficiency, effectiveness and security
* Participate in audit planning meetings with internal/external auditors, collate/provide the required materials on a timely basis, validate audit findings, provide remediation solutions and implement the agreed solutions on a timely basis
* Drive security access and activity log reviews on regular basis
* Store/organize all controls/review artefacts in a manner that is both auditable and easy to retrieve
* Promote IT risk management, governance and compliance culture across the organization
Cyber Security
* Manage projects to identify, assess and mitigate the cyber security risks
* Assess and review existing system environments and security measures to ensure security design effectiveness and operation effectiveness, e.g., network security, server security, application security, endpoint security, email security, physical access security, logical access security, IT policies and procedures, etc
* Design, implement and maintain security incident response and escalation procedure
* Manage and resolve cyber security incidents and liaise with various IT functions, Business Continuity Planning (BCP), business users and vendors, where appropriate
* Review firewall/security/system logs and follow up with the appropriate actions
* Conduct IT security awareness trainings to improve cyber security knowledge of users and IT staff
* Perform periodic IT control testing and remediate gaps on a timely basis
* Recommend and implement cyber security related improvements
Project Management
* Planning and leading the development of approval papers and proposals related to IT
* Infrastructure and Security projects
* Conceptualize, develop and drive projects to meet Asia Pacific offices' requirements
* Implementation and deployment of IT projects throughout Asia Pacific region using Project
* Management Framework. Examples of projects are: Windows 2012/2019, Active Directory
* Server deployment, Cyber Security Tools enhancement and deployment, IT Infrastructure setup of new offices from scratch, Server (in VMWare) and Backup Solution Deployment, etc
* Supplier / vendor management (price negotiation, escalation, evaluation of new vendors, and service level agreements)
* Ensure that designated IT vendors meet contractual obligations
* Attend to any other reasonable projects as assigned by the General Manager
Staff Management
* Provide leadership and direction to IT Infrastructure's staffs
* Provide mentorship to increase the growth opportunity
* Re-assign tasks based on requirements and needs
Technical Talent Specialization
* Good knowledge on IT Service Management (preferably with ITIL certification)
* Good understanding in security architectures, designs, and solutions (preferably with either one of the following certifications: CISSP, CISM, CEH, SSCP)
* Knowledge on International Security Frameworks and Standards such as ISO/IEC 27001
* Series, COBIT 5 and NIST Cyber Security Framework
* Intermediate knowledge on Cisco networking (Routing and Switching)
* Good understanding of enterprise computing environments and strong understanding of TCP/IP networks
* Good knowledge on Windows servers and VMWare (preferably with VMWare certification)
* Good knowledge on Application (Layer 7) or Next Generation Firewalls
* Good knowledge on Network-based IDS/IPS
* Experience in Investigations and Incident Management
* Good knowledge on advanced Enterprise Antivirus and Antispyware
* Good knowledge in analyzing security risks and develop response procedures
* Strong understanding of enterprise, network, system and application level security issues
The Requirements:
* Bachelor's Degree in Computer Engineering/Science, Information Technology or related field or a combination of education and experience
* At least 5 years of IT experience and possess 1―2 years in a managerial role
* Strong IT Technical understanding and aptitude for analytical problem solving
* Fast learner and able to adapt to frequent changes in business environment
* Team player with high initiative, self-motivation and results-oriented mind-set
* Able to multitask, work independently and prioritize workloads effectively
* Good communication, documentation, organizational and interpersonal skills
Disclaimer: The Company complies with the Tripartite Guidelines on Fair Employment Practices (TGFEP), including the prevailing guidelines on recruitment. All qualified applicants will be considered for the position regardless of their age, race, religion, nationality, marital status, or family responsibilities. A more detailed discussion of the TGFEP is available on the Tripartite Alliance for Fair and Progressive Employment Practices (TAFEP) website at https://www.tal.sg/tafep.