x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Legal / Public / Security Job   »   Security SME Engineer
 banner picture 1  banner picture 2  banner picture 3

Security SME Engineer

Erp21 Pte Ltd

Role Overview

Security Subject Matter Expert (SME) is responsible for designing, implementing, and managing security solutions to protect the company's information systems, networks, and data from potential threats and cyber-attacks.

The primary role is to provide expert guidance, support, and leadership in all matters related to security within an organization. This role will require strong analytical and collaboration skills, detailed working knowledge of current and emerging security technologies, as well as the ability to correlate events to identify abnormal behavior.


Responsibilities

  • Serve as a Subject Matter Expert (SME) for security technologies, supporting high visibility needs of the business in a variety of special projects. These unique projects often involve expedited deliverables, operational agility, and require top quality deliverables covering both the consulting and operations functions.
  • Investigate any security incidents and provide insights to internal/external business users.
  • Develop processes and procedures and fine-tune alerts as part of ongoing improvisation of security operations.
  • Develop cloud/hybrid and cloud platform-specific security policies, standards, and procedures on cloud providers (Azure, AWS) and cloud-native platforms (PCF, Docker, Kubernetes, etc.).
  • Identify and deliver appropriate cloud security controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud-native threats.
  • Conduct integration of supported Cloud-based Security Products such as Web Application Firewall (WAF), Web Security Proxy, etc.
  • Conduct detailed & comprehensive investigations and triage on a wide variety of security events.
  • Recommend and implement remediation processes.
  • Stay up-to-date with the latest security threats, vulnerabilities, and mitigation techniques.
  • Collaborate with cross-functional teams to implement security measures and address security requirements.
  • Communicate security risks, recommendations, and status updates to stakeholders, management, and team members.
  • Identify opportunities to improve processes and/or tools to ensure the highest level of quality, including documentation, mentoring, and training sessions.
  • Own the technical components of a customer integration project including but not limited to configuration, debugging, documentation, testing, and go-live support.
  • Identify and mitigate potential security threats and vulnerabilities.
  • Provide relevant recommendations to improve the overall security posture of customers.
  • Deployment of security technologies while ensuring standards are adhered to as well as maintenance/repair supervision working with vendor support teams on corrective activities for system issues.
  • Assist in any ad-hoc tasks when necessary.


Requirements

  • Over 5 years of experience in Information Security or engineering.
  • At least 2 years of direct experience in one of the public cloud platforms, such as AWS or Azure with strong knowledge of their security features.
  • Industry-recognized security certifications (OSCP, CISSP, CISA, CEH, AWS Security, etc.).
  • Ability to identify and drive remediation of public and hybrid cloud risks.
  • Experience in general security technologies, processes, and concepts.
  • Experience with web security concepts and technologies such as web application firewalls, and proxy.
  • Working experience on SIEM / Analytics tools, eg: Securonix, Sentinel.
  • Working experience with common security operations systems, Intrusion Detection Systems(IDS/IPS), Security Incident Event Management systems(SIEM), anti-virus log collection systems, etc.
  • Working knowledge of security systems and programs.
  • Sound fundamental knowledge of Internet technologies, such as TCP/IP, HTTP, SSL, DNS, OWASP Top10, and web servers (e.g. Apache, IIS, Nginx, etc.).
  • Familiarity with AWS technologies, such as CodePipeline, CodeBuild, CodeDeploy, CodeStar, Guardrails, Amazon ECS, AWS Lambda, and Open-source tools like Jenkins, DefectDojo, and OWASP Glue will be an added advantage.
  • Strong analytical and problem-solving skills, with the ability to identify and address security risks and Vulnerabilities.
  • Ability to analyze and develop innovative recommendations and solutions.
  • Excellent verbal and written communication skills.
  • Independent and results-oriented.
  • Willing to work on a flexible schedule depending on business need.


✱   This job post has expired   ✱

Sharing is Caring

Know others who would be interested in this job?