Job Description
• Able to implement a security architecture blueprint (from devsecops, application, infrastructure, operational security, for applications to interact with). Define the process, provisioning, interfaces and provide recommendations.
• Access management and control.
• Engage and execute Security Vulnerability Scanning activities (HCR/NVA/Pen Test/ SAST/DAST activities etc) and resolve findings.
• Manage Access management and SIEM tools in the environment.
• Facilitate auditing processes conducted by external parties.
• Familiar with operational security processes
o OS level patching
o Application-level patching
o Operational housekeeping and archival.
o Server and application hardening procedure & steps
o IM8 policy
o Vulnerability Assessment
o Security Incident detection and reporting
o SSL certificate renewal
Technologies & Skills Required
• OS Administration (Linux / Windows)
• IBM Security Verify Access
• IBM Qradar
• Thales HSM
• OpenSSL
• Tenable Nessus, Burp Suite Enterprise
Top 3 MUST have skills:
• Minimum 2+ years of experience with IT Security.
• CISSP/CCSP/CCSK certification or its equivalent is preferred
• 1-2 areas of Cyber Security domains such as Identity Access Management, Security and Risk Management, Application and Network security, Vulnerability Management with a broad understanding of other areas.
Good to have skills (Optional)
• Familiar with Singapore Government standards of security posture including planning and running SSAT, Security Compliance Check, Security Vulnerability Scanning, DAST & SAST.
• Work with security tools & environment.
