NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region. 

As a Senior Lead Consultant, IT Security (Client Information Security Lead), you will be responsible to proactively elevate the overall service quality to our Client while managing the necessary cyber security risk posture of NCS.

What will you do?

To support the LOB as an independent (i.e. Line 2) Info-security Advisory, Compliance Assessment and Security Incident Response Management. You will work as the interface between NCS Enterprise SBG practice and NCS Corporate HQ-wide cybersecurity leadership, driving organization-wide cyber security strategy, implementation, and in turn, ensuring client and practice requirements are fed back into the continual improvement of relevant strategy, policies and standards.

• To ensure cyber key risk indicators and controls are simplified, relevant and effective for risk monitoring, reporting and mitigation, and in compliance with NCS Cyber Security Policies, government legislation (e.g., IM8, Public Sector Data Security, PDPA) and good industry practice.
• Conduct independent internal risk assessment on NCS Client-facing projects to identify weakness and provide recommendations for improvement e.g. thematic assessment, Risk Mitigation and Corrective & Preventive Action Plan.
• Alignment with business’ leaders to better understand the business’ goals and to make appropriate security controls into the environment considering people, processes and automation.
• Act as a cyber security incident response advisor on potential security matters. Partner as Subject Matter Expert (SME) with key business stakeholders including Risk Management, Legal, NCS IT, Cyber Incident Response Team, People & Culture and any external institutions (e.g. PDPC) that are critical to the success of cyber security.
• To drive the cyber security program and to improve cyber awareness for data security and its impact on the organization.
• To enhance efficiency and improve reliability of operational security compliance and monitoring process using automation mechanism e.g. scripts and tooling.

The ideal candidate should possess:

• Degree/Diploma or higher in Computer Science, Information Systems or equivalent
• At least one industry recognized security certification is, such as Certified Information Security Management (CISM), Certified Information Systems Security Professional (CISSP)
• 5+ years of hands-on experience in information/cyber security risk assessment practice e.g. in the domains of Governance, Risk & Compliance, Secured-design Engineering, Cyber Security Operations, Incident Response, and/or Vulnerability Management
• In-depth working knowledge of cybersecurity risk assessment, thematic audit, data or security governance framework e.g. NIST, CIS20, IM8, etc
• Knowledge of information security principles, IM8, ISO 27001 controls, Center for Internet Security (CIS) controls, Cloud Controls Matrix (CCM) controls
• Hands-on experience with hybrid cloud infrastructure or system security, security technologies and tooling, e.g., identity access management, remote access management, endpoint security, network security & administration, and application security e.g. OWASP 10 (API, web, LLM, mobile)
• Added advantage with experience in security incident response, infrastructure/application penetration testing, bug bounty program, vulnerability assessment, monitoring of secrets in public repository, and cloud security operation

• Senior stakeholder management and working across various parts of the organization
• Team player with good interpersonal and communication skills both written and verbal
• Eye for details

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.  

Together, we make the extraordinary happen.  

Learn more about us at ncs.co and visit our LinkedIn career site.