IT Security Consultant
RAPSYS TECHNOLOGIES PTE. LTD.
Company Overview
Headquartered in Singapore with offices in Malaysia, India and USA we partner with multinational companies to deliver cutting-edge technology and business process outsourcing solutions. We focus on customer needs to drive long-term growth and exceed expectations.
Job Summary
You will develop and maintain security policies for cloud and hybrid environments, collaborate with security teams to enhance detection and response, conduct risk assessments, and perform security architecture reviews to protect organizational assets. You will collaborate across the organisation to architect, implement, and continuously improve security capabilities that protect our infrastructure and systems.
Responsibilities
- Develop, document, and maintain security policies, procedures, guidelines, and baselines for cloud and hybrid environments
- Collaborate with the SoC team to analyze security policies, improve alert fidelity, and reduce false positives
- Work with the Security Engineering team to enhance detection and response capabilities through regular reviews and improvements of security monitoring and alerting workflows
- Track and report on the effectiveness of security controls by conducting periodic reviews and fine-tuning measures
- Assist in developing risk assessment and security frameworks to establish a consistent risk assessment methodology for cloud and hybrid environments
- Conduct in-depth security architecture reviews and threat modeling for new and existing systems to identify attack surfaces, trust boundaries, and design weaknesses, providing prioritized mitigation recommendations
- Perform structured risk assessments across infrastructure and application systems in cloud and hybrid environments
Required competencies and certifications
- Minimum eight (8) years of relevant IT experience deploying and managing security services for on-premises and cloud environments, including design, development, implementation, or management of security solutions
- Strong understanding of risk management methodologies and compliance frameworks
- Experience with security tools and technologies such as Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Database Activity Monitoring, Data Security and Protection, Privileged Access Management, File Integrity Monitoring, Web Application Firewall, and Intrusion Prevention
Preferred competencies and qualifications
- Professional certifications such as CISM, CRISC, CISSP, or equivalent
- Relevant certifications such as AWS Certified Security - Specialty or Certified Cloud Security Professional (CCSP)