IT Security Officer

Role Overview

As an IT Security Officer, you will help identify, verify, and drive remediation for security weaknesses and exposures across the environment. You will partner with system owners, keep findings visible, and support the organisation in maintaining a strong and well-controlled risk position.

Key Responsibilities

• Review alerts and findings from attack surface management and vulnerability scanning tools.
• Validate each issue by checking severity, exploitability, and whether it is a true exposure before taking action or escalating.
• Separate genuine risks from false positives and assess them in the context of the asset inventory.
• Set remediation priorities based on risk impact.
• Coordinate with system owners to chase outstanding items and track closure progress.
• Monitor remediation timelines and ensure issues are resolved promptly.
• Handle exceptions and accept risk where immediate remediation is not possible.
• Explain technical security findings in clear, practical terms for non-technical stakeholders.
• Compile vulnerability information and remediation statistics for reporting.
• Look for recurring patterns and broader issues across the organisation’s external attack surface and internal assets.
• Recommend improvements to strengthen the exposure management programme.
• Help improve attack surface management and vulnerability management workflows, tool settings, and escalation guides.
• Support the creation and upkeep of vulnerability management policies, standards, and procedures aligned with industry best practices.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or an equivalent qualification.
• Professional certifications such as GWEB, OSCP, CRISC, CISA, or similar credentials are preferred.
• About 5 years of experience in cybersecurity-related work such as vulnerability management, attack surface management, security operations, or IT risk.
• Strong grasp of cybersecurity fundamentals, including vulnerability management, patch management, CVSS-style scoring, and external exposure risks.
• Experience with ASM or vulnerability management platforms such as Tenable, Qualys, Censys, or comparable tools.
• Python or another programming language is an advantage.
• Good analytical thinking and judgement, with the ability to assess issues critically and make sound recommendations.
• Strong communication and interpersonal abilities, plus the capacity to juggle multiple tasks, set priorities, and explain technical issues clearly.
• Highly detailed, dependable, proactive, and energetic.

Additional Information

This is a contract role based onsite in Singapore, Singapore.

The position is for an IT Security Officer focused on exposure management, vulnerability validation, remediation tracking, and reporting.

No salary, stipend, number of openings, start date, or application deadline was specified in the source.