IT Executive (Digital Capability & Innovation Department - Cybersecurity & Operations)

About the Role

We are seeking an IT Executive (Cybersecurity & Operations) to support the organisation’s cybersecurity posture and day-to-day IT operations. This role combines hands-on security operations with IT support responsibilities, ensuring systems are secure, reliable, and well-managed. The ideal candidate is technically hands-on, operationally strong, and able to translate cybersecurity requirements into practical system configurations.

Responsibilities:

1. Cybersecurity Operations & Monitoring

• Monitor security alerts from SIEM, endpoint protection, and network systems; perform triage and escalate where required
• Analyse logs and system activity to detect anomalies and potential cybersecurity threats
• Support implementation and maintenance of security tools (e.g., SIEM, endpoint detection, MDR services)
• Review and fine-tune security alerts and monitoring rules to improve effectiveness

2. Incident Response & Risk Management

• Perform first-level incident investigation, containment, and recovery actions
• Document incidents, root causes, and follow-up remediation actions
• Coordinate with internal stakeholders and vendors during security incidents
• Support vulnerability remediation and follow-up on identified risks

3. Governance, Risk & Compliance (GRC)

• Support implementation of cybersecurity policies, standards, and procedures
• Assist in audits, risk assessments, and compliance activities (e.g., PDPA and internal governance requirements)
• Maintain documentation for risks, controls, and mitigation actions
• Work with relevant stakeholders on data protection and data security initiatives

4. Vulnerability Management & Hardening

• Conduct vulnerability scans and coordinate remediation activities
• Track patching status and ensure timely updates across systems and endpoints
• Implement and maintain system hardening baselines (e.g., CIS benchmarks, NIST guidelines)
• Monitor security posture across assets and follow up on gaps

5. Vendor & Security Tool Coordination

• Liaise with cybersecurity vendors (e.g., MDR, VAPT, firewall providers)
• Track service deliverables, incidents, and remediation progress
• Support evaluation and onboarding of new tools and solutions

6. IT Operations & End-User Support

• Provide Level 1–2 IT support for incidents and service requests
• Support system administration for Microsoft 365, Entra ID / Active Directory, endpoints and network infrastructure
• Manage user access, onboarding/offboarding, and device lifecycle activities
• Perform routine system monitoring and preventive maintenance

Requirements:

Qualifications & Experience

• Diploma or Degree in Information Technology, Cybersecurity, or related field
• Preferably 3–6 years of relevant experience in cybersecurity and/or IT operations
• Experience in environments requiring both security and tech support responsibilities

Technical Skills

Familiarity with:

• Security monitoring tools (e.g., SIEM, log analysis, MDR platforms)
• Endpoint protection solutions (e.g., Microsoft Defender, Bitdefender or equivalent)
• Endpoint management tools (e.g., Microsoft Intune, Atera or equivalent)
• Vulnerability scanning and patch management tools
• Microsoft 365, Entra ID / Active Directory
• Network fundamentals and monitoring tools
• Implementation of cybersecurity frameworks (e.g., CIS, NIST) using Intune and Group Policy (GPO)
• Firewall configuration and management (e.g., Fortinet, SonicWall or equivalent)

Technical Exposure (Advantageous)

Experience with:

• PowerShell scripting for automation and administration
• Microsoft 365 ecosystem, including Entra ID security configurations
• Windows Autopilot or modern device provisioning workflows

If you are interested to join us, please apply via Fei Yue Career Portal: https://careers.fycs.org/

For your privacy and security, kindly refrain from including your NRIC number in your application form or resume.