Security Engineer

. Able to implement a security architecture blueprint (from devsecops, application, infrastructure, operational security, for applications to interact with). Define the process, provisioning, interfaces and provide recommendations.
. Access management and control.
. Engage and execute Security Vulnerability Scanning activities (HCR/NVA/Pen Test/ SAST/DAST activities etc) and resolve findings.
. Manage Access management and SIEM tools in the environment.
. Facilitate auditing processes conducted by external parties.
. Familiar with operational security processes
o OS level patching
o Application-level patching
o Operational housekeeping and archival.
o Server and application hardening procedure & steps
o IM8 policy
o Vulnerability Assessment
o Security Incident detection and reporting
o SSL certificate renewal

Technologies & Skills Required
. OS Administration (Linux / Windows)
. IBM Security Verify Access
. IBM Qradar
. Thales HSM
. OpenSSL
. Tenable Nessus, Burp Suite Enterprise

Top 3 MUST have skills:
. Minimum 2+ years of experience with IT Security.
. CISSP/CCSP/CCSK certification or its equivalent is preferred
. 1-2 areas of Cyber Security domains such as Identity Access Management, Security and Risk Management, Application and Network security, Vulnerability Management with a broad understanding of other areas.

Good to have skills (Optional)
. Familiar with Singapore Government standards of security posture including planning and running SSAT, Security Compliance Check, Security Vulnerability Scanning, DAST & SAST.
. Work with security tools & environment.