Senior/Principal Security Engineer, IITS
Threat Detection and Intelligence Management
- Assessing, evaluating, recommending & implementing security policy or technologies to address ongoing IT security threats to improve overall cyber intrusions/threats early detection capability.
- Building sandbox solutions to detect malicious files and suspicious executable binary in an isolated environment.
- Developing effective solutions to stop malicious code execution. Stopping 0-day exploits using exploit mitigation techniques and application whitelisting.
- Detecting and avoiding malware persistence
- 5. Detecting and preventing lateral movement of malware infected machines and monitor critical windows events
- Blocking and detecting command and control ( C&C traffics) through logs and traffic analysis
- Leveraging threat intelligence to improve SMU's security posture
Cyber Security Detection Systems Management and Operations
- Perform daily IT Security related operations/tasks for early identification & detection of cyber intrusions, threats & risks in
- Managing advanced analytics, machine learning or artificial intelligence technologies/systems to uncover hidden cyber threats.
- Coordinate and working with government agencies such as CSA, IDA or Cyber-Watch Centre (CWC) to obtain early warning of impending cyber-attacks.
- Continuous monitoring and cyber threats analysis to ensure IT Services are running smoothly and
- Conduct security assessments of requested or planned IT implementations such as identifying and classifying risks, threats, vulnerabilities in relation to SMU's IT security
- Managing security incidents' evidence preservation, analytic and
- Keep abreast with the latest trends and development in Cyber threats detection, mitigation technologies, methodologies, news and related threats
Cyber Security Project Management and Implementation
- Assist the Security Manager in keeping track of the operating budget for IT Security and manage the discharged project budget effectively to achieve optimum maintenance cost expenditures.
- Provide assistance to Security Manger on all IT Security matters and/or related projects to ensure the proposal, objective and plan are evaluate and executed successfully.
- 17. Responsible for managing IT Security projects for existing infrastructure that include enhancements and new system implementation to be delivered within project
- Work with other team members and other department to support and provide consultancy on IT security related issues.
- Provide technical security consultation and integrate standard security practices such as COBIT, ITIL, and IS02700 t into operations and development environment.
- Degree or Diploma holder in Computer Science or equivalent/IT background.
- At least 5 to 7 years of relevant working experience in IT environment/Security management.
- Preferred certifications such as Certified Information System Security Professional (CfSSP) certification.
- In-depth knowledge & experience in User Entity & Behavioral Analytics as well as Advanced Persistent Threats and Sandboxing technologies.
- Sound knowledge in web application vulnerabilities, such as OWASP Top 10, Cross-site, Scripting, Application security and SQL injections.
- Good knowledge of security standards, best practices and risk assessment with analytical skill.
- Familiar with operation ofNextGen/Web Application/Database Firewall, VPN, Anti-Virus, Anti-Spam, SIEM, Intrusion Prevention/Detection, Data Leakage Prevention System, Cloud Security, Desktop Security & Vulnerabilities Assessment.
- Technically competent with good knowledge and skills in Network, Linux, UNIX, Windows and SAN, etc.
- Attention to details and sound decision-making abilities.
- Independent, with initiative, positive attitude and keen interest in exploring the areas of IT security.
- Good interpersonal verbal and writing skills.
Candidates who do not possess the stipulated qualifications but have relevant work experience may still apply. Remuneration and appointment terms shall commensurate with qualifications and experience. SMU reserves the right to modify the appointment terms where necessary.
Singapore Management University