Assistant Lead Cybersecurity Engineer - Risk Assessment (Cyber Risk Management & Services)

Position Overview

The Security Engineer executes cyber risk assessment (RA), security advisory and compliance checks. He/she will be responsible for identifying, assessing, and managing threats, vulnerabilities and associated risks to information assets and resources. He/she will work in collaboration with Infrastructure, Application team & vendor to assess security concerns. He/She also works with CISO to gather inputs into risk register, including risk mitigation measures and risk deviations.

Role & Responsibilities

• Perform analysis, prioritization and classification of risk.
• Draft risk scenario and provide recommendation of risk treatment plan.
• Handle day-to-day security advisory and operational request.
• Perform review over remediation plans artefact.
• Schedule security checks in accordance with reporting schedules.
• Prepare periodic status reports for presentation to management.
• Continuous enhancement of existing security risk assessment process.
• Verifies security controls are implemented accordingly

Requirements

• At least 5 year working experience in IT risk assessment, including cyber risk assessment and security compliance review.
• Experience in cyber security controls, processes and standards, such as NIST cybersecurity framework, CSA risk assessment guidelines, CIS controls framework or ISO/IEC 27001 standards.
• Strong analytical skills and ability to work independently.
• Good team player as well as strong communications skills with stakeholders at all levels.
• Possessing at least one of the following certification CEH, CISSP, CISA, CRIS and/or related security certification.
• Experience in healthcare industry is an added advantage.
• Degree in Computer Science, Engineering or equivalent.

Apply Now

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!