Lead Security Engineer

The NETS Group is a leading payments services group, enabling digital payments for merchants, consumers and banks across the entire payments value chain. 

The Group operates Singapore’s national debit scheme enabling customers of DBS Bank/POSB, HSBC, Maybank, OCBC Bank, Standard Chartered Bank and UOB to make payments using their ATM cards or mobile devices at more than 130,000 acceptance points in the country as well as online payments.

Position Summary

• Responsible for conducting Information Security compliance reviews across all required Technology systems within the organisation, ensuring that appropriate Information Security controls are in place and effectively implemented.

Key Responsibilities

• Perform comprehensive reviews of critical Information Security processes, such as Patch Management and Open-Source Vulnerability Management, across all required technology systems within the organisation. Ensure that the necessary security controls are consistently implemented to mitigate risks and align with industry standards and organisational policies.
• Work closely with cross-functional teams, including IT, operations, and security teams, to identify, prioritise, and remediate vulnerabilities across various production system platforms. Act as a liaison between technical and non-technical stakeholders to ensure vulnerabilities are understood and addressed in a timely manner.
• Proactively monitor the progress of vulnerability remediation activities, ensuring that all identified security issues are resolved within the specified timelines. Conduct verification checks to confirm the effectiveness of corrective actions and ensure that vulnerabilities are fully mitigated.
• Provide regular updates and detailed reports to relevant risk committees, highlighting any outstanding vulnerabilities, their potential impact, and the status of their resolution. Ensure that senior management is kept informed of any critical security gaps that may pose risks to the organisation.
• Continuously track and report on relevant Key Risk Indicators (KRIs) to assess the organisation’s risk exposure. Conduct Risk Control Self-Assessments (RCSAs) to identify and mitigate potential risks within existing controls and processes.
• Assist with other security-related tasks and projects as assigned, including contributing to audits, process improvements, policy updates, and any emerging compliance requirements to enhance the organisation’s overall Information Security posture.

Requirements

• Bachelor’s Degree in Computer Science, Information Systems, IT Security, or related fields.
• Minimum of 5 years of relevant experience in managing internal controls within an IT control environment, with a strong focus on compliance and security best practices.
• In-depth understanding of regulatory requirements in Singapore, including frameworks such as the MAS TRMG Guidelines and MAS Cyber Security Hygiene.
• IT Security or IT-related certifications (e.g., CISSP, CCNA, CEH, etc.) are highly desirable.
• Strong awareness of current security trends and events, with a demonstrated passion for staying informed on the latest developments in the cybersecurity landscape.
• Excellent team collaboration skills, with attention to detail and the ability to remain resilient under pressure.
• Self-motivated and independent, able to manage workloads effectively and meet deadlines in a fast-paced environment.

Network for Electronic Transfers (Singapore) Pte Ltd.