Information Security Consultant

Avensys is a reputed global IT professional services company headquartered in Singapore. Our service spectrum includes enterprise solution consulting, business intelligence, business process automation and managed services. Given our decade of success we have evolved to become one of the top trusted providers in Singapore and service a client base across banking and financial services, insurance, information technology, healthcare, retail, and supply chain.

We are currently looking to hire IT Security Consultant

This is an exciting opportunity to expand your skill set, achieve job satisfaction and work-life balance. More details as below.

Job Type: One-year Renewable Contract

Job Description:

Job Overview

Vulnerability Management

• Assist in vulnerability scanning and assessments to identify security weaknesses within the client’s environment.
• Help prioritize and track remediation efforts based on the severity and impact of vulnerabilities.
• Collaborate with internal teams to ensure that identified vulnerabilities are mitigated in a timely manner.
• Provide regular vulnerability reports and updates to the Senior IT Security Manager.

Firewall Rules Review and Management

• Support the periodic review of firewall rules to ensure proper access control and network segmentation.
• Work closely with network and infrastructure teams to assess and adjust firewall configurations as needed to enhance security.
• Assist in ensuring that firewall rules comply with internal policies and regulatory requirements.

Audit Support

• Assist in preparing for and supporting internal and external security audits.
• Provide documentation, logs, and reports to auditors and ensure timely responses to audit requests.
• Help track and resolve audit findings, ensuring corrective actions are implemented to meet compliance requirements.
• Support the maintenance of audit trails for critical security events and activities.

Identity and Access Management (ID Validation)

• Assist with user identity validation processes, ensuring proper authentication mechanisms are in place.
• Support the enforcement of access control policies to ensure that only authorized personnel have access to sensitive data and systems.
• Help monitor and audit user access rights, ensuring they align with role-based access controls and least privilege principles.

Security Awareness Training

• Assist in the development and delivery of security awareness training programs for client employees and internal teams.
• Help create educational materials to raise awareness about common cybersecurity threats (e.g., phishing, social engineering).
• Track training progress and ensure all employees are regularly updated on security best practices.
• Support client-facing initiatives to promote a culture of cybersecurity within the organization.

Security Advisory Support

• Provide support for security advisory services by gathering information on emerging threats and vulnerabilities.
• Assist the Senior IT Security Manager in providing recommendations for mitigating risks associated with new and emerging security threats.
• Help maintain a repository of security advisories, updates, and patches, ensuring timely distribution to relevant stakeholders.

Incident Response

• Support the investigation and response to security incidents, gathering data and providing initial analysis.
• Help escalate security incidents and assist in documentation and resolution.
• Participate in post-incident reviews to identify lessons learned and areas for process improvement.

Risk Management and Compliance

• Help in conducting risk assessments to identify potential security risks and recommend mitigation strategies.
• Assist with ensuring the client’s environment remains compliant with industry standards and regulations.
• Contribute to the maintenance of security policies, procedures, and controls to ensure compliance and mitigate risks.

Collaboration and Communication

• Work closely with other IT Security team members to implement and enforce security policies and practices.
• Communicate effectively with internal teams and client stakeholders about security status, risks, and incidents.
• Provide support in preparing reports, presentations, and security briefings for senior management and clients.

Continuous Learning and Improvement

• Stay up-to-date on the latest trends in cybersecurity, including new tools, vulnerabilities, and attack techniques.
• Participate in ongoing professional development to expand security knowledge and skills.
• Assist in identifying and implementing improvements to existing security processes, policies, and tools.

Qualifications

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
• Relevant certifications such as CISM, CISA, CompTIA Security+, Certified Ethical Hacker (CEH), or equivalent are a plus.
• Min 2 years of experience in IT security, cybersecurity, or a related field.
• Hands-on experience or familiarity with vulnerability scanning tools, firewall rule configurations, and identity management systems.
• Experience or exposure to supporting security audits and compliance processes.
• Familiarity with network security concepts, SIEM systems, and basic incident response protocols is a plus.
• Understanding of IT security principles and best practices.
• Basic knowledge of security tools such as firewalls, antivirus software, IDS/IPS, and SIEM systems.
• Familiarity with security frameworks (e.g., NIST, ISO 27001, CIS Controls).
• Strong analytical and troubleshooting skills.
• Good written and verbal communication skills.
• Ability to work effectively in a team and manage tasks in a dynamic environment.

WHAT’S ON OFFER

You will be remunerated with an excellent base salary and entitled to attractive company benefits. Additionally, you will get the opportunity to enjoy a fun and collaborative work environment, alongside a strong career progression.

To submit your application, please apply online or email your UPDATED CV in Microsoft Word format to [email protected]. Your interest will be treated with strict confidentiality.

CONSULTANT DETAILS

Consultant Name: Preethi Kanthappan

Reg No: R1765546

Avensys Consulting Pte Ltd

EA Licence 12C5759

Privacy Statement: Data collected will be used for recruitment purposes only. Personal data provided will be used strictly in accordance with the relevant data protection law and Avensys' privacy policy.