Senior IT Security Officer
- Fusionopolis Pl, Singapore
Writing the future. Together.
Avaloq is a value driven, fast-paced financial technology and services company and we are committed to developing the banking solutions of tomorrow.
By joining Avaloq, you’ll become a key part of our effort to power the digital transformation of the financial services industry. Our ambition is big and bold – to provide full end-to-end digital solutions by combining our leading efficiency with a flexible, responsible digital user experience. Headquartered in Zurich, Avaloq has over 2,000 employees globally. More information is available at www.avaloq.com.
Security Operation team supports security systems and processes in Avaloq to secure Avaloq’s and our clients’ IT application systems and infrastructure. The team is responsible for security system administrations, and security processes such as policies and standards development, security incident management, vulnerability assessment and security testing among others.
- Support and maintain IT Security systems including network security and SIEM system (Splunk).
- Conduct IT security incident investigation and threat hunting on the IT environment.
- Develop and maintain a security control framework to ensure that security management systems and policies are effective, providing recommendation and remediation.
- Develop and support emergency procedures and oversee incident responses as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as required.
- Develop and maintain a standard security contract framework for ITO outsourcing to ensure a harmonised and consistent security control framework.
- Develop and maintain a security awareness program to assure a widespread culture of information security awareness.
- Support the development and implementation of security policies, standards, guidelines and processes to ensure the ongoing maintenance of physical and logical security.
- Participate in the security operational risk management activities as part of the Enterprise Risk Management to identify threats and institute appropriate security programs.
- Conduct independent security audits and risk management assessments to verify and provide an opinion on the security posture.
- Support and maintain the APAC’s Information Security Management System (ISMS) to assure continuous compliance with regulations, laws and contractual obligations by adopting and deploying industry and market standards and accepted best practices.
What you need
- Minimum 7 to 10 years of experience in a similar role, i.e. in a combination role of security risk, information security and IT.
- Degree in tertiary studies in relevant fields such as Computer Science, IT Security, Business IT, or IT engineering would be an advantage.
- Proven experience in analysis, identifying, monitoring and controlling security risks
- Experience in managing Identity / Access management, Intrusion Detection / Prevention, Data Protection and Data Leakage Prevention applications / devices including installation, configuration and its availability
- Extended knowledge of relevant international security standards (ISO/IEC 27000-series), best practices (CobiT, ITIL), third party reporting (ISAE3402, SOC), trends and legal and regulatory requirements for data protection and outsourcing in the financial sector (e.g. MAS, HKMA).
- Must have a minimum of one of the certifications from ISACA’s CSX, CISA, CISM, CGEIT or CRISC or ISC2’s SSCP, CCSP, or CISSP or GIAC’s GISP or GSEC.
Now let's talk about perks and compensation
We offer high flexibility in regards to working models (e.g. part time and home office models are possible depending on business requirements). Our base salaries are competitive and if you prove to be a superstar, you might even be entitled to an extraordinary achievement reward. Avaloq aims to share its success with all its employees by paying out “Success Share Units” depending on its performance in a given year.
At Avaloq we embrace diversity, we embrace difference. We are whole-heartedly committed to equal employment opportunities and we foster an inclusive culture where everyone’s' contributions are valued and their voices are listened to. We hire, compensate and promote regardless of origin, age, sexual orientation, gender identity or any other fascinating characteristics that make us different. Please note that our job descriptions are intended to be written in an inclusive and gender neutral language.
Don’t be shy – apply!
Please only apply online, preferably with pdf documents.
Note to Agencies: All unsolicited résumés will be considered direct applicants and no referral fee will be acknowledged.