Job
Purpose
To lead and implement
robust cybersecurity strategies and solutions that safeguard IT
infrastructure, applications, and data across cloud and on-premise
environments.
Responsibilities
Serves as the domain expert (SME) on Cybersecurity
matters
Lead and influence multi-disciplinary
teams in implementing and operating cyber security controls for
cloud and on premise environment; micro-services, containers,
applications, operating systems, databases, and networks
Involve in the project or lead the project related with
IT infrastructure & Application security whenever
required.
Support maintenance team in
difficult or chronic problems, escalate the issue to vendor,
identifying the root cause and preventive measures.
Support presales team on infrastructure & Application
security solutioning in bids
Provide system
architecture design and planning for new IT infrastructure
deployments in both hosted and cloud environments
Work closely with Project Managers / Application
Development Team in planning the implementation tasks
Perform initial installation and configuration of new IT
infrastructure & security deployments in both hosted and cloud
environments
Conduct security design review
with customers
Lead the track in security
testing and remediation, conduct Application, Server and Network
vulnerability assessment.
Deliver Application
Security Assessment activities with entities and external
suppliers / customers.
Interpret security and
technical requirements into business requirements and communicate
security risks to relevant stakeholders ranging from business
leaders to engineers
Collaborate with
application developers and database administrators to deliver
creative solutions to difficult technology challenges and business
requirements
Conduct in-depth assessments on
the applications using SAST, DAST, Penetration Testing, Red Teaming
Activities to determine application security posture and potential
vulnerabilities.
Develop and implement server
security and hardening
Supports the monitoring
and tuning of detection and security automation tools
Automate security controls, data and processes to provide
better metrics and operational
support
Experiences
& Qualifications
Minimum Bachelor in Computer Science or IT related
studies
Minimum 8 years' experience in IT
industry with 6 years in network / systems / Application security
arena.
At least 5 years of experience in
Vulnerability Assessment, Penetration Testing & Source Code
Reviews of Web, Mobile and Thick Client Applications
Experience in Windows and other OS good to
have.
Experience of working and securing
Virtualization Technologies
Experience with
firewall technologies and products, including NextGen firewalls and
firewall management tools
Knowledge and
experience in scripting or programming languages (ex. Python, Perl,
Ruby, PowerShell, C, C#, Java) in order to develop custom scripts
or tools.
In-depth knowledge in network and
systems security issues
Hands-on experience in
security-related tasks such as OS tightening, patching and
updating, virus scanning will be an added advantage.
In-depth knowledge on network and systems security issues
and ability to offer advisories and troubleshooting
support.
Good communication skills and
positive working attitude.
Relevant
certifications such as CISSP / CISA / CISM, CREST, CEH would be
advantageous
Cybersecurity • Singapore