Information Security Analyst supporting information security function at Ten, a trusted service provider. Ensuring compliance with global standards and managing security risks within the organization.
AL
Hybrid Cybersecurity Engineer – IT Security Operations
Posted 6 months ago
About the role
- Cybersecurity Engineer responsible for developing and maintaining cybersecurity standards and conducting security assessments for Assurity Trusted Solutions as a subsidiary of GovTech.
Responsibilities
- As part of the team, you will develop and maintain cybersecurity standards, procedures, configurations or rulesets for the systems and services.
- For validation of security procedures, you will conduct security exercises which may include table-top or simulation exercises.
- Participate in security incident response that includes understanding alerts, coordination with various system or service operators, identifying potential threats and performing basic triaging prior to escalation to next level security responder.
- Coordinate in Indicators-Of-Compromise (IOC) scanning, collating the reports from various system operators with consolidated update to the stakeholders.
- Perform vulnerability assessment using automated and manual tools with recommendation for actionable remediation controls. Understand the published vulnerabilities with their respective security patches with context to the deployed system and perform risk assessment onto them.
- Monitor and notify security patches releases for the various products. Involve in the security patch assessment rating based on standards like Common Vulnerability Scoring System (CVSS) as well as with the context of the deployed environment.
- Engage with stakeholders with presentation or reporting on the vulnerability scanning results, security testing results, security incident or security posture of the systems.
Requirements
- Knowledgeable in cyber security principles, operational security management techniques, architecture and designs, cybersecurity attributes (e.g. confidentiality, integrity, availability, accountability, assurance, etc.) and security measures (e.g. authentication, authorisation etc.) for applications in an enterprise environment or setup.
- Possess more than 5 years’ working experience on cybersecurity in one or more of the following domains: Network security design, applications secure development, cryptography, mobile management, cloud hosting design and implementation, DevSecOps, etc.
- Possess security certifications such as SANS GCIH, CISSP, CISM, AWS or any cloud service security specialty is an added advantage.
- Knowledgeable on cyber security technologies (SIEM, VMS, CTEM, VA, GRC and Cloud Security toolsets.
- Experience in risk assessment on system, network, application cloud security vulnerabilities, misconfigurations and security patches with technical understanding on their mitigation.
- Has understanding of vulnerability assessment, penetration testing report, conduct a full impact of identified and reported vulnerabilities, recommend, and conduct remediation and mitigation.
- Experience in understanding alerts, identifying potential threats and performing basic triaging prior to escalation to next level security responder.
- Has good interpersonal and stakeholder management skills with presentation skills, and the ability to write clearly, concisely, and within context.
- Experience in working with cross-functional, multi-disciplinary teams or contractors to formulate and institute security policies, standards, procedures and configurations.
Benefits
- A wholly-owned subsidiary of GovTech.
- We promote a learning culture and encourage you to grow and learn.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Operations Center Analyst managing incidents and security alerts for 7 - Eleven stores. Focusing on in - depth analysis and proactive monitoring within a state - of - the - art Security Operations Center.
Security Operations Manager at Qnity managing physical security programs across global sites. Overseeing operations and collaborating with cross - functional teams to mitigate risk and maintain secure facilities.
SOC Analyst monitoring security events and responding to incidents at Junglee Games. Collaborating on security protocols to ensure protection of digital assets.
Senior Director of Global Security Operations at CyrusOne strategizing and managing security across global data centers. Driving execution, governance, and operational excellence in a high - availability environment.
Cybersecurity generalist at PwC providing security solutions and maintaining the protection of client systems. Involves monitoring security alerts, incident response, and collaboration with stakeholders.
Security Operations Manager overseeing safety measures for corporate office locations and events at Whatnot. Responsible for developing security frameworks and managing vendor relationships across global operations.
Manager overseeing technical security operations for the Protection Services department. Responsible for managing security systems, staff training, and interdepartmental collaboration.
Principal in Security Monitoring Response at Mastercard managing global crises and resilience operations. Leading incident response efforts and ensuring the safety of people and assets.
SOC Analyst II providing real time security monitoring and threat hunting services for clients in various industries. Assisting in identifying security incidents and managing vulnerabilities.