Summary:
As an IT Security Engineer, you will provide IT security and vulnerability management support for a suite of business applications. You will support Corporate Business Systems, used by over 6,000 users to fulfill the agency’s mission to protect the nation’s Digital Way of Life and defend Singapore’s Critical Information Infrastructure (CII) to ensure the continuous delivery of essential services to all Singapore residents. You will be part of a 20+ person full-service application delivery team.
Job Description:
- Responsible for the IT Security portfolio of a large-scale IT infrastructure implementation project. Develop, implement, integrate, administer, maintain, and enhance enterprise security services, technologies, and platforms. This includes, but is not limited to, Vulnerability Assessment, Penetration Testing, Privileged Access Management, Dynamic Access Management, Identity Governance & Administration, Endpoint Detection and Response, etc.
- Build policies to enforce controls to meet business use cases.
- Develop and communicate policies, procedures, standards, and controls to enhance the user experience, manage risk, and to ensure compliance with legal, regulatory, and contractual requirements;
- Develop automation scripts for patching or automating security administration, monitoring or reporting tasks using Perl, Python, etc.
- Track patch management activities from initial reporting of vulnerabilities / availability of patches to successful remediation for servers and network routers/switches.
- Perform daily status checks and scheduling of weekly/monthly automated or ad-hoc MVMS vulnerability scans of applications, servers and network routers/switches. Troubleshoot and re-activate/re-schedule scans that fail.
- Maintain the Tenable MVMS asset inventory on an ongoing basis, onboarding new target systems and offboarding existing target systems to be scanned by MVMS.
- Perform signature updates and fault/performance monitoring of the Nessus application.
- Test and update Endpoint Protection and EDR signatures. Extract quarantined malware for reverse engineering. Create and maintain the EDR blacklist.
- Conduct ad-hoc malware IOC scans of servers upon emerging threats.
- Provide post go-live support, i.e. maintain, troubleshoot, patch and update various security tools and scanners.
- Escalate severity 1, 2, 3 security vulnerabilities and configuration compliance issues to the Principal Security Engineer for follow-up.
- Conduct monthly/ad-hoc compliance audit scans of servers and routers/switches.
- Produce security reports and SOP documentation (Track vulnerabilities, produce security metrics reports, operating procedures, continuity documents and support Tactics, Techniques, Procedures updates).
- Present management reporting and dashboarding to stakeholders, with analysis of data and trends, and recommend next steps.
Requirements:
- At least a Bachelor’s degree in Science or Engineering and 5 years’ relevant working experience in IT Security or Cyber Security, or equivalent experience. Working knowledge of several of the following areas is required: understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current Cloud Technologies.
- At least one or two of the following professional and technical security certifications, such as CEH, GIAC, CISSP, CISM, CCNA Security, GICSP, GSEC, SSCP, and/or specific technology platform certifications, e.g. CyberArk, Splunk, Carbon Black, Guardium, Imperva, SolarWinds, etc., are preferred.
- Strong fundamental knowledge of SSH, TCP/IP, UDP, SSL, HTTP, HTTPS, PKI, DNS, and other common protocols.
- Familiar with at least THREE (3) of the following: Penetration Testing, Vulnerability Assessments, Compliance Scanning, Secure Code Review, DevOps/DevSecOps, cyber exercises, security awareness programmes.
- Familiarity with scripting for automating tasks using Perl, Python, etc.
- Hands-on experience in operating and maintaining enterprise security tools such as Tenable Nessus vulnerability scanner.
- Experience with web application compliance scanning (BURP preferred).
- Familiarity with Privileged Access Management (PAM) tools such as BeyondTrust, SailPoint, ForgeRock, CyberArk, etc. Familiarity with Dynamic Access Management (DAM) tools such as IBM Guardium, Imperva SecureSphere DAM, etc.
- 3+ years of hands-on experience in PAM and DAM environments, responsible for design, architecture, installation, and configuration, covering: base platform configuration; configuration of user onboarding and permission/role mapping; setup of folders and templates for various platforms; setup of Auto-Discovery functions, rules, and automation of account/secret placement; configuration of secret autorotation, check out/in, and JIT workflows; configuration of session proxying and recording; and migration of secrets from other platforms into the PAM & DAM solution.
- Advanced knowledge of security controls, audits, and configurations, including Endpoint Detection and Response (EDR) tools such as VMware Carbon Black Endpoint, CrowdStrike Falcon, etc.
- Experience with Windows OS security settings/STIG reviews.
- Demonstrable experience with modern computing infrastructures such as AWS, Azure, GCP, OpenStack, etc. Familiarity with security testing on cloud environments is advantageous.