Are you passionate about building great products? Do you want to redefine the way travellers explore the world? Keen to be part of this growth journey with a bunch of amazing people? Then Pelago is the place for you!
We are looking for ambitious and motivated talents who are excited about staying on the cutting edge of Technology and always keen on innovating new ways to drive growth and taking our startup to new heights.
WHO ARE WE?
Pelago is a travel experiences platform created by Singapore Airlines Group. Think of us as a travel magazine that you can book - highly curated, visually inspiring, with the trust and quality of Singapore Airlines. We connect you with global, local cultures and ideas so you can expand your life.
We are a team of diverse, passionate, empowered, inclusive, authentic and open individuals who share the same values and strive towards a common goal!
WHAT CAN WE OFFER YOU?
- A unique opportunity to take end-to-end ownership of your workstream to deliver real value to users.
- Platforms to solve real user problems concerning travel planning & booking with innovative products/services.
- An amazing peer group to work with, and the ability to learn from the similarly great minds around you.
- An opportunity to be an integral part of shaping the company’s growth and culture with a diverse, fun, and dynamic environment with teammates from different parts of the world.
- Competitive compensation and benefits - including work flexibility, insurance, unlimited annual leave, remote working and more!
WHAT YOU WILL BE DOING?
We are seeking a highly skilled and experienced Senior Security Operations (SecOps) to join our team. The ideal candidate will have a robust foundation in information security, a comprehensive understanding of cyber threats, and a genuine commitment to implementing robust security measures. This role will involve formulating, executing, and upholding security solutions to protect our company's information systems and data across a global shipping environment.
Key Responsibilities:
Security Infrastructure Design and Implementation:
- Design, deploy, and maintain security infrastructure, including firewalls, intrusion detection/prevention systems, VPNs, and other security tools.
- Collaborate with 3rd party solution vendors, system architects, and developers to ensure security is an integral part of the system design and development process.
Security Policy Development and Compliance:
- Develop and enforce company security policies and procedures to ensure compliance with industry rules, regulations, and company requirements.
- Stay abreast of industry best practices and emerging threats to continually improve security policies.
- Handle audits and collaborate with auditors to ensure compliance with regulatory requirements.
Monitoring, Analysis, and Incident Response:
- Oversee day-to-day operations of security tools to monitor and analyze security events.
- Respond to and investigate alerts generated by security monitoring systems.
- Develop and implement incident response plans to effectively address and mitigate security incidents.
- Investigate security incidents, analyze root causes, and recommend corrective actions to prevent future occurrences.
- Perform e-discovery and forensic analysis on internal and digital threats or incidents.
Risk Assessment, Vulnerability Assessment, and Penetration Testing:
- Identify and assess potential risks and vulnerabilities in the organisation's systems, networks, and applications.
- Conduct regular vulnerability assessments and penetration tests to identify and address security weaknesses.
- Work with development and operations teams to remediate identified vulnerabilities.
Vendor Management and Collaboration:
- Collaborate with third-party vendors to analyse reports and address security issues promptly.
- Communicate effectively with vendors to ensure timely resolution of security concerns.
Security Awareness, Training, and Collaboration:
- Design and deliver security awareness training programs for staff to promote a culture of cybersecurity awareness.
- Provide guidance to staff on security best practices and their role in maintaining a secure environment.
- Collaborate with cross-functional teams to integrate security into all aspects of the business.
- Communicate security risks and recommendations to stakeholders.
Documentation, Reporting, and Compliance:
- Maintain accurate records of security measures, incidents, and responses.
- Provide regular reports to management on the state of cybersecurity within the organisation.
- Fulfil compliance and audit requirements.
WHAT EXPERTISE YOU WILL NEED TO HAVE?
- Bachelor’s Degree in Computer Science, Information Security, or related field.
- Advanced degree or relevant certifications (e.g., CISSP, CISM, CEH) are a plus.
- 3+ years of proven experience in cybersecurity engineering or related roles.
- In-depth knowledge of security concepts, protocols, best practices, and technologies.
- Strong understanding of networking, operating systems, and cloud environments.
- Experience with security tools such as AWS security architecture, cloud systems, firewalls, antivirus, IDS/IPS, SIEM, and endpoint protection.
- Excellent problem-solving and communication skills.
- If you possess the qualifications and experience required for this role and are passionate about cybersecurity, we encourage you to apply and be a part of our team.
If you’re as excited as we are in this journey, do apply directly with a copy of your full resume and portfolio (if any). We'll reach out to you as soon as we can!
