IT Security (Consultant) | Yearly Renewable Contract - #1162693

Key Responsibilities

CARBON BLACK

The management of the Endpoint Detection and Response (EDR) system shall minimally include and not limited to the following:

• Administration of Carbon Black EDR server configuration

• Review and recommendation of new threat intelligence feeds

• Administration of Carbon Black sensor group configuration

• User account administration

• Management of EDR agents across servers

• Generation of operational and security reports

• Scope applies to successor or replacement EDR products where applicable

TREND MICRO / TRELLIX (Server Anti-Virus Management)

The management of the Server Anti-Virus System in GDC shall minimally include and not limited to the following:

• Administration of Trend Micro Deep Security Manager

• Management of active updates from Trend Micro update server

• Administration of agent updates

• Management of virtual patching

• Addition and removal of monitored agents

• Configuration and deployment of security policies

• Generation of weekly reports to agency

• Scope applies to successor or replacement server anti-virus products where applicable

IMPERVA (Web Application & Data Security Management)

The management of the Imperva in shall minimally include and not limited to the following:

• Administration of Imperva SecureSphere and Imperva Data Risk Analytics

• Management of update gateways and management servers

• Administration of agent updates

• Management of patching activities

• Addition and removal of monitored agents

• Configuration and deployment of security policies

• Generation of daily, weekly, and monthly reports to agency

ARCSIGHT (Security Information and Event Management – SIEM)

The management of the ArcSight in shall minimally include and not limited to the following:

• Administration of ArcSight LMS

• Administration of agent updates

• Management of patching activities

• Addition and removal of monitored agents

• Configuration and deployment of security policies

• Generation of daily, weekly, and monthly reports to agency

IT Configuration Management

• Periodic review of IT asset inventory (hardware, software, network equipment, network-attached devices, and endpoints) maintained by Client-appointed Asset Officer

• Oversight and review of system-level obsolescence

• Preparation and submission of reports to Client

• Incident management support

• Leadership in investigation and resolution of security incidents

• Root cause analysis of recurring incidents and recommendation of improvements

IT Security Management

• Scheduling and oversight of security scans in accordance with policies

• Verification of vulnerability remediation effectiveness

• Weekly security review of system access and administration activities

• Identification and reporting of unusual or suspicious activities

• Tracking, mitigation, and deployment of security patches within stipulated timelines

• Monthly reporting on vulnerability and patch status

• Escalation and risk acceptance management with Client approval

• Administration of security monitoring tools (e.g., Splunk, ArcSight, EDR where applicable)

IT Security Compliance & QA Management

• Ensure system compliance with applicable standards, policies, directives, and guidelines

• Weekly and monthly review of account activities

• Weekly and monthly log review

• Annual declaration and reporting of compliance status to head office

• Support audit activities by providing evidence and responses to auditors

• Coordination with stakeholders on compliance-related requirements

Requirements

• Experience in IT infrastructure, cybersecurity operations, or system administration roles

• Experience in managing endpoint security solutions (e.g. Carbon Black or equivalent EDR tools)

• Experience in server security and anti-virus platforms (e.g. Trend Micro, Trellix, or equivalent)

• Familiarity with web application security and data security tools (e.g. Imperva or equivalent)

• Experience with SIEM tools such as ArcSight, Splunk, or equivalent monitoring platforms is an advantage

• Good understanding of IT security principles, vulnerability management, and patch management processes

• Knowledge of ITIL processes, incident management, and change management practices

• Experience in system monitoring, reporting, and compliance support activities

Interested candidates, please click on the following link to begin your job search journey and submit your curriculum vitae (CV) directly.

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOL Singapore Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.persolsingapore.com/policies. You acknowledge that you have read, understood, and agree with the Privacy Policy.

PERSOL Singapore Pte Ltd • RCB No. 200007268E • EA License No. 01C4394• Reg. R26159701 (Noor Eliza Chai Binti Ibrahim Essini Chai)