Job description:
Position Summary
The Senior Cyber Security Engineer will work in a fast-paced and highly collaborative environment with cross-functional teams. You need to be a security practitioner in cyber security standards, protocols and framework. You also need to ensure the organisation complies with applicable regulations such as the Cyber Security Act, MAS Cyber Hygiene and Technology Risk Management Notices.
Key Responsibilities
- Manage the budget for the organisation's portfolio of cybersecurity solutions.
- Represent the security division at various forums/meetings.
- Manage cybersecurity assurance activities such as VAPT, Red Teaming, Table-top Exercises.
- Manage, operate, administer, and optimise the organisation's portfolio of cybersecurity solutions, e.g., IDS/IPS, email defences, EPP, DLP, Vulnerability Management, PAM (CyberArk and Beyondtrust), IAM/IGA, DAM, proxy, NGFW.
- Responsible for day-to-day cybersecurity operational activities pertaining to security solution assigned
- Responsible for end-to-end security solution design and project implementation
- Responsible for identifying security controls based on secure-by-design methodology to ensure solutions adopt their required security posture.
- Implement, operationalise, and optimise new cybersecurity solutions as required.
- Own and ensure the security solutions documents are up to date
- Maintain high quality standards throughout the product delivery process
- Assist with security incident response activities including containment and recovery when the need arises
- Stay current on the latest cybersecurity industry trends, technologies, and techniques, and conduct cybersecurity awareness training within the company.
- Support colleagues and cover duties when required
Requirements
- Degree in Computer Science, Computer Engineering, or InformationSecurity related fields
- Strong experience in administering security solution, e.g. CyberArk, BeyondTrust, TrendMicro, Deep Security and Apex one, Tenable security center, Nessus Pro, IMPERVA SecureSphere, NGFW.
- Possess a deep understanding of various Operating Systems, e.g., Linux, Unix and Windows.
- Experience with programming/scripting (Python, PowerShell, etc) will be a plus
- At least 8 years of experience supporting cybersecurity operations in an On-Prem and AWS environment
- Security certifications such as GSEC, GCIH, GCIA, GCFA, GCFE or GNFA are highly
desirable
- Product certifications in PAM, DAM, VM will be a plus
- Excellent problem-solving and analytical skills with a keen eye for detail
- An effective communicator who can create and maintain constructive relationships with stakeholders, vendors and colleagues
- Able to work independently and manage work well to meet project datelines
- Possess working experience in the following areas:
1) MAS Cyber Hygiene (PSN06) and Technology Risk Management (PSN05) Notices, MAS Technology Risk Management Guidelines, and Cybersecurity Act and Cybersecurity Code of Practice (CCoP)
2) NIST Cybersecurity Framework, MITRE ATT&CK Framework, Cyber Kill Chain and OWASP Top 10
3) CI/CD and DevSecOps methodology
4) Architecting and implementing secure, scalable, and resilient solutions in a hybrid cloud environment.