Principal Security Engineer (3-year contract), Office of Integrated Information Technology Services

Singapore Management University | Date Posted: 29-Jan-2019
Save Job
Job Nature:
Contract
Position Level:
Manager
Qualification:
Diploma, Bachelor's / Honours

Job Description

Threat Detection and Intelligence Management

  • Assessing, evaluating,  recommending  &  implementing  security  policy  or  technologies  to address   ongoing  IT  security  threats  to  improve  overall  cyber   intrusions/threats   early detection capability.
  • Building sandbox solutions to detect malicious files and suspicious executable binary in an isolated environment.
  • Developing effective solutions to stop malicious code execution. Stopping 0-day exploits using exploit mitigation techniques and application whitelisting.
  • Detecting and avoiding malware persistence
  • 5. Detecting  and  preventing  lateral  movement  of  malware  infected  machines  and  monitor critical windows events
  • Blocking and  detecting  command  and  control  (  C&C  traffics)    through  logs  and  traffic analysis
  • Leveraging threat intelligence to improve SMU's security posture

Cyber Security Detection Systems Management and Operations

  • Perform daily IT Security related operations/tasks for early identification & detection of cyber intrusions, threats & risks in
  • Managing advanced analytics, machine learning or artificial intelligence technologies/systems to uncover hidden cyber threats.
  • Coordinate and  working  with  government  agencies  such  as CSA,  IDA  or  Cyber-Watch Centre (CWC) to obtain early warning of impending cyber-attacks.
  • Continuous monitoring  and  cyber  threats  analysis  to  ensure   IT  Services  are  running smoothly and
  • Conduct security  assessments   of   requested   or   planned   IT   implementations   such   as identifying and classifying risks, threats, vulnerabilities in relation to SMU's IT security
  • Managing security incidents' evidence preservation, analytic and
  • Keep abreast with the latest trends and development in Cyber threats detection, mitigation technologies, methodologies, news and related threats

Cyber Security Project Management and Implementation

  • Assist the Security Manager in keeping track of the operating budget for IT Security and manage the discharged project budget effectively to achieve optimum maintenance cost expenditures.
  • Provide assistance to Security Manger on all IT Security matters and/or related projects to ensure the proposal, objective and plan are evaluate and executed successfully.
  • 17. Responsible for managing  IT Security  projects for existing  infrastructure  that  include enhancements and new system implementation to be delivered within project
  • Work with other team members and other department to support and provide consultancy on IT security related issues.
  • Provide technical security  consultation  and  integrate  standard  security  practices  such  as COBIT, ITIL, and IS02700 t into operations and development environment.

Qualification

  • Degree or Diploma holder in Computer Science or equivalent/IT background.
  • At least 5 to 7 years of relevant working experience in IT environment/Security management.
  • Preferred certifications such as Certified Information System Security Professional (CfSSP) certification.
  • In-depth knowledge & experience in User Entity & Behavioral Analytics as well as Advanced Persistent Threats and Sandboxing technologies.
  • Sound knowledge in web application vulnerabilities, such as OWASP Top 10, Cross-site, Scripting, Application  security and SQL injections.
  • Good knowledge of security standards, best practices and risk assessment with analytical skill.
  • Familiar with operation ofNextGen/Web Application/Database Firewall, VPN, Anti-Virus, Anti-Spam, SIEM, Intrusion Prevention/Detection, Data Leakage Prevention System, Cloud Security, Desktop Security & Vulnerabilities Assessment.
  • Technically competent with good knowledge and skills in Network, Linux, UNIX, Windows and SAN, etc. 
  • Attention to details and sound decision-making abilities.
  • Independent, with initiative, positive attitude and keen interest in exploring the areas of IT security.
  • Good interpersonal verbal and writing skills.
Company Overview
Singapore Management University