Cybersecurity Engineer

Location Singapore
Job reference BBBH99717_1621495875
Salary Negotiable
Consultant name Sombilla Arvin Clark Sikat
Consultant email arvinclark.sombilla@experis.com.sg
Consultant contact no. 65515581
EA License No. 02C3423
Consultant Registration No. R1222536


As a Cybersecurity Engineer, you will provide leadership in the DevSecOps area of Vulnerability Scanning, Certificate/Secrets Management, Password Policy Management, Analysis for Security Monitoring, coordination of Remediation Patching, and other daily Security and Compliance efforts.

Additionally, you will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions. In a nutshell, you will implement security fabric in all Thales applications.

The Cybersecurity Engineer will work directly with the Platform Execution squad to improve and ensure security of the platform.

  • You will ensure the effectiveness of the vulnerability management process. Implement and coordinate the remediation of high risk, complex vulnerabilities as part of the DevSecOps team. Be hands-on by making system and application changes to improve cybersecurity to systems and applications
  • You will implement security fabric into the applications pipelines
  • You will define how to release securely new features part of Thales portfolio
  • You will provide support on the implementation and ongoing support of security monitoring and alerting systems that are part of the Cybersecurity Operations Center (CSOC)
  • You will support audit and compliance efforts affecting the platform environment and operations such as PCI, SOC2, GDPR
  • You will determine appropriate controls are in place via periodic assessment and testing. Identify and engage operations teams for needed remediation
  • You should have familiarity with Amazon AWS/Azure Policy, Configuration, and Security Management tools.
  • You will develop and maintain security policies, standards and in conjunction with production IT and DevOps teams
  • You should have familiarity with API Security, Container Security, AWS Cloud Security
  • You will apply security best practices and standard operating procedures for the platform solutions
  • You will collaborate with stakeholders to ensure good communication and quality solutions that meet the company's technical needs
  • You will create the documentation for the platform solutions
  • You will shape the future our Thales IFEC platform solution



Requirements:

  • Bachelor's degree in Computer science, Software Engineering, or another related field.
  • 3+ years of experience with cloud providers such as AWS or Azure.
  • 3+ years of experience with security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX), and General Data Protection Regulation (GDPR).
  • Prior experience (3-5 years) in a Production Engineering/ Vulnerability Remediation/ Agile or related position.
  • Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the CyberSecurity program throughout the organization.
  • Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, NMAP, etc.).
  • Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
  • Possess leadership skills and/or act as a team player to coordinate remediation of security issues within established timeframe.
  • Familiarity with Information Security frameworks/standards (i.e., CIS, NIST, RFC2196, etc).
  • Comprehension in security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
  • Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc.)
  • You have developed for years as a Software Full stack engineer
  • You have knowledge about virtualization and clustered orchestration (Kubernetes)
  • Good knowledge of public APIs for web (e.g. REST APIs and/or API Gateways)

Arvin Clark Sikat, Sombilla EA License No.: 02C3423 Personnel Registration No.: R1222536

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.experis.com.sg/privacy-policy