Principal Security Engineer (3-year contract), Office of Integrated Information Technology Services
Singapore Management University | Date Posted: 29-Jan-2019
Diploma, Bachelor's / Honours
Threat Detection and Intelligence Management
- Assessing, evaluating, recommending & implementing security policy or technologies to address ongoing IT security threats to improve overall cyber intrusions/threats early detection capability.
- Building sandbox solutions to detect malicious files and suspicious executable binary in an isolated environment.
- Developing effective solutions to stop malicious code execution. Stopping 0-day exploits using exploit mitigation techniques and application whitelisting.
- Detecting and avoiding malware persistence
- 5. Detecting and preventing lateral movement of malware infected machines and monitor critical windows events
- Blocking and detecting command and control ( C&C traffics) through logs and traffic analysis
- Leveraging threat intelligence to improve SMU's security posture
Cyber Security Detection Systems Management and Operations
- Perform daily IT Security related operations/tasks for early identification & detection of cyber intrusions, threats & risks in
- Managing advanced analytics, machine learning or artificial intelligence technologies/systems to uncover hidden cyber threats.
- Coordinate and working with government agencies such as CSA, IDA or Cyber-Watch Centre (CWC) to obtain early warning of impending cyber-attacks.
- Continuous monitoring and cyber threats analysis to ensure IT Services are running smoothly and
- Conduct security assessments of requested or planned IT implementations such as identifying and classifying risks, threats, vulnerabilities in relation to SMU's IT security
- Managing security incidents' evidence preservation, analytic and
- Keep abreast with the latest trends and development in Cyber threats detection, mitigation technologies, methodologies, news and related threats
Cyber Security Project Management and Implementation
- Assist the Security Manager in keeping track of the operating budget for IT Security and manage the discharged project budget effectively to achieve optimum maintenance cost expenditures.
- Provide assistance to Security Manger on all IT Security matters and/or related projects to ensure the proposal, objective and plan are evaluate and executed successfully.
- 17. Responsible for managing IT Security projects for existing infrastructure that include enhancements and new system implementation to be delivered within project
- Work with other team members and other department to support and provide consultancy on IT security related issues.
- Provide technical security consultation and integrate standard security practices such as COBIT, ITIL, and IS02700 t into operations and development environment.
- Degree or Diploma holder in Computer Science or equivalent/IT background.
- At least 5 to 7 years of relevant working experience in IT environment/Security management.
- Preferred certifications such as Certified Information System Security Professional (CfSSP) certification.
- In-depth knowledge & experience in User Entity & Behavioral Analytics as well as Advanced Persistent Threats and Sandboxing technologies.
- Sound knowledge in web application vulnerabilities, such as OWASP Top 10, Cross-site, Scripting, Application security and SQL injections.
- Good knowledge of security standards, best practices and risk assessment with analytical skill.
- Familiar with operation ofNextGen/Web Application/Database Firewall, VPN, Anti-Virus, Anti-Spam, SIEM, Intrusion Prevention/Detection, Data Leakage Prevention System, Cloud Security, Desktop Security & Vulnerabilities Assessment.
- Technically competent with good knowledge and skills in Network, Linux, UNIX, Windows and SAN, etc.
- Attention to details and sound decision-making abilities.
- Independent, with initiative, positive attitude and keen interest in exploring the areas of IT security.
- Good interpersonal verbal and writing skills.
Singapore Management University