IT System Security Engineer
Jobster Pte Ltd (EA License No: 06C5060)| Date Posted: 22-Feb-2020
EA Licence No: 06C5060|EA Personal Registration No: 200818951C
Bachelor's / Honours
- 1 Year renewable contract
- Working hours: Monday to Friday, 830am to 6pm
- Nearest MRT: Red Hill MRT
- Provide the central focal point for receiving and handling security advisories (e.g. alerts and vulnerabilities), vulnerabilities and malicious activities, which may potentially compromise the company's security composure. (e.g. virus, DDOS attacks etc.)
- Provide technical advice and recommendations and work with the team to implement security audits controls, for the various infrastructure services that are hosted in the company.
- Keep up-to-date with security threats on all services and respond with the analysis of the threat within the agreed turnaround time.
- Monitor and track security advisory assessment and recommendation
- Develop and maintain Security hardening standards and polices
- Monthly security reports include a summary of all the activities that take place in the following areas:
- i. Security policies, standards and procedures
- ii. Security awareness;
- iii. Security incident reporting and management;
- iv. Security reviews and audits; and
- v. Any other security activities such as Disaster Recovery and Business Continuity Plan Testing, implementation of security technologies and solutions.
- vi. Compliance reporting for accounts review, log review, patch review, hardening review etc.
- vii. Single Point of Contact (SPOC) for all security audits, including Government Audits e.g. AGO, AIISA, application, infra audits, e.g. IQA, ISO 20k, ISO 27k etc.
- viii. End-to-end fronting, tracking and monitoring of the security audit till closure.
- Security Monitoring and Reviewing
- Security Consultancy
- i. Weekly review and signing of audit review log
- ii. Perform vulnerability scanning for managed systems
- iii. Perform penetration scanning for systems
- iv. Annually account review exercise
- v. Annually firewall review
- vi. IT security incident management
- vii. Provide consultation services and advice via email
- viii. System compliance verification before “go-live” (Server, IIS & DB harden verification)
- ix. Security Ops on log analysis
- Security Scanning and provide Vulnerability Scanning of all internet-accessible application systems and critical ICT systems. The application software, operating system and network infrastructure shall be scanned
- Security Incident Management; To track security incidents (such as violations, breaches security weaknesses or system malfunctions) that have IT security impacts and resolve Security Incident accordingly within SLA
- Monthly Patching of Security Systems and Products
- Testing of Security systems upon completion of patching
- Provide Security Service Operation Support and administration of security product such as RSA, SPLUNK, etc
- Certificate in Information Technology Infrastructure Library ITIL will be more preferred
- Internationally-recognised security certifications such as Certified IS Security Professional (CISSP), SAN GIAC certifications, etc will be more preferred
*We regret to inform only shortlisted candidates will be notified*
Jobster Pte Ltd (EA License No: 06C5060)