Senior/Principal Security Engineer, IITS

Singapore Management University| Date Posted: 26-Jun-2020
Save Job
Job Nature:
Position Level:
Job Category:
Diploma, Bachelor's / Honours

Job Description

Threat Detection and Intelligence Management

  • Assessing, evaluating,  recommending  &  implementing  security  policy  or  technologies  to address   ongoing  IT  security  threats  to  improve  overall  cyber   intrusions/threats   early detection capability.
  • Building sandbox solutions to detect malicious files and suspicious executable binary in an isolated environment.
  • Developing effective solutions to stop malicious code execution. Stopping 0-day exploits using exploit mitigation techniques and application whitelisting.
  • Detecting and avoiding malware persistence
  • 5. Detecting  and  preventing  lateral  movement  of  malware  infected  machines  and  monitor critical windows events
  • Blocking and  detecting  command  and  control  (  C&C  traffics)    through  logs  and  traffic analysis
  • Leveraging threat intelligence to improve SMU's security posture

Cyber Security Detection Systems Management and Operations

  • Perform daily IT Security related operations/tasks for early identification & detection of cyber intrusions, threats & risks in
  • Managing advanced analytics, machine learning or artificial intelligence technologies/systems to uncover hidden cyber threats.
  • Coordinate and  working  with  government  agencies  such  as CSA,  IDA  or  Cyber-Watch Centre (CWC) to obtain early warning of impending cyber-attacks.
  • Continuous monitoring  and  cyber  threats  analysis  to  ensure   IT  Services  are  running smoothly and
  • Conduct security  assessments   of   requested   or   planned   IT   implementations   such   as identifying and classifying risks, threats, vulnerabilities in relation to SMU's IT security
  • Managing security incidents' evidence preservation, analytic and
  • Keep abreast with the latest trends and development in Cyber threats detection, mitigation technologies, methodologies, news and related threats

Cyber Security Project Management and Implementation

  • Assist the Security Manager in keeping track of the operating budget for IT Security and manage the discharged project budget effectively to achieve optimum maintenance cost expenditures.
  • Provide assistance to Security Manger on all IT Security matters and/or related projects to ensure the proposal, objective and plan are evaluate and executed successfully.
  • 17. Responsible for managing  IT Security  projects for existing  infrastructure  that  include enhancements and new system implementation to be delivered within project
  • Work with other team members and other department to support and provide consultancy on IT security related issues.
  • Provide technical security  consultation  and  integrate  standard  security  practices  such  as COBIT, ITIL, and IS02700 t into operations and development environment.


  • Degree or Diploma holder in Computer Science or equivalent/IT background.
  • At least 5 to 7 years of relevant working experience in IT environment/Security management.
  • Preferred certifications such as Certified Information System Security Professional (CfSSP) certification.
  • In-depth knowledge & experience in User Entity & Behavioral Analytics as well as Advanced Persistent Threats and Sandboxing technologies.
  • Sound knowledge in web application vulnerabilities, such as OWASP Top 10, Cross-site, Scripting, Application  security and SQL injections.
  • Good knowledge of security standards, best practices and risk assessment with analytical skill.
  • Familiar with operation ofNextGen/Web Application/Database Firewall, VPN, Anti-Virus, Anti-Spam, SIEM, Intrusion Prevention/Detection, Data Leakage Prevention System, Cloud Security, Desktop Security & Vulnerabilities Assessment.
  • Technically competent with good knowledge and skills in Network, Linux, UNIX, Windows and SAN, etc. 
  • Attention to details and sound decision-making abilities.
  • Independent, with initiative, positive attitude and keen interest in exploring the areas of IT security.
  • Good interpersonal verbal and writing skills.

Other Information

Candidates who do not possess the stipulated qualifications but have relevant work experience may still apply. Remuneration and appointment terms shall commensurate with qualifications and experience. SMU reserves the right to modify the appointment terms where necessary.

Company Overview
Singapore Management University