Apply on
Company Description
ESGpedia Pte Ltd is Asia’s leading ESG data and technology company, headquartered in Singapore. Its ESGpedia platform powers the ESCAP Sustainable Business Network (ESBN) Asia-Pacific Green Deal digital platform, the ASEAN Single Accesspoint for ESG Data (SAFE) pilot initiative, and the Monetary Authority of Singapore’s (MAS) Greenprint ESG Registry. With more than 5 million sustainability data points, ESGpedia serves as the Nexus of ESG, digitally empowering the financial sector, corporates, and SMEs to ensure compliance towards ESG regulations and attain their ESG goals.
ESGpedia is an Award Winner of the MAS Global FinTech Innovation Challenge Awards 2020, and a two-time awardee of the Financial Sector Technology and Innovation (FSTI) Proof of Concept (POC) grant, under the Financial Sector Development Fund administered by the MAS. ESGpedia is also an IMDA Spark company and GRI Licensed.
Job Summary
The primary role of the IT Security Officer is to ensure that it acts in the best integrity to align to ESGpedia’s Information Security Strategy and achieves ESGpedia’s information security objectives. It works with the various Committees of the Company (such as ISMS Committee, Risk Committee, Sustainability & BCM Committee) to undertake these aspects:
a) Establishing, implementing and maintaining the Information Security Management System in compliance with the Information Security Policies governed under ISO Standards, SOC2 Type 2 and all relevant local regulations pertaining to IT Security compliance standards.
b) Coordinating operational security activities for ESGpedia’s, managing the ISMS daily and conducting risk assessments, and in some cases timely remediations of internal/external audits points pertaining to all IT Security matters.
c) Escalating any issues, as necessary, to the respective Committees that govern after IT and Operational Security matters.
Job Responsibilities
a) Assume role of an Administrator and have oversight function of the system access management of AWS, Atlassian, and Microsoft platforms, including user access management, security configurations, and vulnerability assessments.
b) Conduct regular security assessments and audits to identify and mitigate potential risks and vulnerabilities.
c) Collaborate with cross-functional teams to develop, update, and enforce IT security policies, procedures, and guidelines.
d) Provide company-wide training on IT Security Awareness to promote a culture of security consciousness and best practices.
e) Stay up to date with the latest industry trends, threats, and technologies to proactively identify potential security risks and recommend appropriate countermeasures.
f) Manage vendor relationships, including selection, evaluation, and ongoing oversight to ensure compliance with security requirements.
g) Perform proof-of-concept evaluations for new security technologies, solutions, or enhancements.
h) Respond to security incidents, conduct investigations, and provide recommendations for incident response and remediation.
i) Collaborate with internal and external stakeholders to develop and implement incident response plans and business continuity strategies.
j) Maintain documentation of security processes, procedures, and controls to meet regulatory and compliance requirements.
k) Participate in security-related projects, initiatives, and risk assessments as required.
Qualifications for IT Security Officer
a) Graduate from a recognized University with a degree in Computer Science, IT Engineering subjects is preferred.
b) Professional certifications such as CISSP, Security+, CEH, or similar are welcomed.
c) Proven experience in administering AWS, Atlassian, and Microsoft platforms is advantageous.
d) In-depth knowledge of IT security principles, best practices, and standards.
e) Ability to monitor surveillance systems and respond to emergency situations
f) Excellent team-building and leadership skills
g) Ability to pay close attention to detail
h) Interest in protecting the people and assets within the organization or company
i) Able to handle stress well, maintain a positive attitude, full of initiative and able to work independently with minimum supervision.
Technical Skillset Requirements
- Min. 2- 3 years' working experiences in IT Security operations
- Good knowledge of Industry Standards such as ISO 27001, PDPA, NIST, PCI-DSS, MTCS and TRM.
- Good command of English, both written and spoken.
- Able to work independently & take ownership, an out-of-the box thinker with modern concepts and initiatives who likes to come out of the comfort zone with a can-do attitude.
Notice
We regret to inform that only shortlisted candidates will be notified. All applications will be treated with strictest confidence.
By submitting any application or resume to us, you will be deemed to have read and agreed to the terms of our Privacy Policy(https://esgpedia.io/privacy-policy/), and consented to us collecting, using, retaining and disclosing your personal information to prospective employers for their consideration.
You may refer and access our website(https://esgpedia.io/) for more information.