IT Security Engineer (ITSO)
Full-time
Others/Any
Outram Park, Central Singapore
10 months ago
Technical Specifications: Good in providing solution by investigating and post-mortem analysis to resolve security violations. Experience in Informati..
Technical Specifications:
- Good in providing solution by investigating and post-mortem analysis to resolve security violations.
- Experience in Information Security
- CISSP or Global Information Assurance Certification (GIAC) or equivalent.
- Performed asset and network discovery activities to ensure full coverage of vulnerability discovery.
- Good Experience in system and application vulnerability testing for Web servers, DB servers, Network devices Etc. using Nessus or Nexpose or other vulnerability Manager Tools.
- Good in monitoring security vulnerability information from vendors and third parties applications.
- Good in implementing policy audit for servers and workstations
- Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets.
- Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.
- In-depth knowledge of security systems and applications and a strong foundation in core area of security (e.g. OS hardening, Active Directory, DLP, network and perimeter).
- Good experience in configuring hardening guidelines and helped in maintaining baseline standards.
- Good experience in configuring CIS benchmarks on (Servers, Desktop & Network Devices)
- Configuring and monitoring of operational security infrastructure
- Good exposure to industry standards such as ISO 27001, PCI-DSS, with Audit experience in large enterprise/Service provider environment.
- Have good knowledge in web application security testing.
- Have a very good understanding about life cycle of Information Security Audit / VA
- Recommend, scheduled the security patches and other measures required in the event of a security breach.
- Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
- Experienced in investigate and resolve security violations by providing post-mortem analysis to illuminate the issues and possible solutions.
- Good knowledge of Application exploitations and configuring alerts on SIEM
- Worked on installation, configuration management of security systems and applications, includes policy assessment, compliance tools, network security appliances and host-based security systems.
- ·Worked on monthly management reports, dashboards, documentation for security systems and procedures.
- Good in reporting unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
- Good in training, mentoring and guiding for team members to use of security tools and resolve issues.
- Good in evaluating, implementing information security solutions to protect against potential threats for security violations
- Worked on incident response and architecture review processes.
- Managed and supported Endpoint Security/ ePolicy Orchestrator, Virus scan Enterprise, Data Loss Prevention, Host Intrusion Prevention and Endpoint Encryption.
- Have good knowledge on Data loss prevention and Endpoint Encryption tools.
Official account of Jobstore.