Senior Security Engineer, Office of Integrated Information Technology Services
- IT Security Management
- Plan, implement and maintenance of enterprise security infrastructure in SMU as well as relevant hardware to meet SMU’s needs for teaching, learning & the various research areas.
- Plan, formulate and architect the growth of security infrastructure to cater to the needs of SMU community so as to provide a boost for staff productivity.
- Manage and operate installed security infrastructure to maintain high availability and performance of all IT systems while also driving projects for improvements and enhancements. Continually seek improvement within the security infrastructure.
- Responsible for implementing IT security policies and related procedures to protect SMU enterprise security infrastructure.
- Implement and enforce security measures and procedures (e.g. patch management, risk assessment and application vulnerability scanning) to protect SMU’s security resources.
- Educate, demonstrate and create awareness to both IT and Non-IT staff on the security arena such as ongoing IT Security Awareness Programme – Security talks, Periodic IT security advisory to SMU community, Phishing test, IT Security Quizzes and IT security work-about.
- Maintain security operation procedures (e.g. IT Disaster Recovery) to achieve improved service availability, reliability and redundancy.
- Consultancy and Support
- Provide support and consultancy to user in the areas of core enterprise IT services such as security assessment.
- Communicate technology limitations or features and sets expectations.
- Responsible for smooth operations of SMU’s enterprise security infrastructure; ensuring the continuous high availability and performance of the communications and connection within and outside of SMU.
- Identify, evaluate operations and support of core security services as well as related infrastructure hardware.
- Provide technical security consultation and integrate standard security practices such as COBIT, ITIL, and ISO27001 into operations and development environment.
- Projects and Operations
- Manage IT project for existing Security Infrastructure enhancement and new system implementation such as preventive monitoring, maintenance and proactive analysis of network traffics and systems.
- Establish project plans, milestones and deliverables in consultation with immediate supervisor.
- Provide leadership to project team to ensure that proposals, plans and projects (technical) are evaluated and successfully executed.
- Responsible for managing and handling of all IT security incidents and responses.
- Perform daily IT Security related operations support for IT security systems as well as liaising with vendors on all IT Security related Infrastructure matters.
- Monitor user requirements to keep up-to-date with latest technology developments in order to plan and improve the quality of use of enterprise Infrastructure resources.
- Analyze enterprise infrastructure implementations and make changes as required; particularly with the increase usage and higher capacity demand from users.
- Responsible for managing security operation and related administrative tasks. Ensure and improve the operations of the university’s enterprise security infrastructure within allocated budget.
- Degree Computer Science, Electronic/ Electrical Engineering or related disciplines or relevant practical hands-on experience.
- Experience in IT security operation support and administration with relevant IT Security certifications will be highly advantaged.
- Minimum 5 to 7 years of relevant working experience in IT environment/Security management.
- In-depth knowledge & experience in User Entity and Behavioral Analytics as well as APT Sandboxing Technologies.
- Sound knowledge in Web application vulnerabilities, such as OWASP Top 10, Cross-site Scripting, Application Security and SQL injections.
- Familiar with operation of NG/Web Application/Database Firewall, VPN, Anti-Virus, Anti- Spam, SIEM, Intrusion Prevention/Detection, Data Leakage Prevention System, Cloud Security, UEBA, EDR, Desktop Security & Vulnerabilities Assessment.
- Good Knowledge of security standards, best practices and risk assessment with analytical skill.
- Strong technology and common business acumen.
- A self-starter, always striving for excellence, innovative with service oriented mindsets and initiative to improve processes.
- Attention to details, sound decision-making abilities, Independent, with initiative, positive attitude and keen interest in exploring the areas of IT security.
- Good interpersonal verbal and writing skills.
Candidates who do not possess the stipulated qualifications but have relevant work experience may still apply. Remuneration and appointment terms shall commensurate with qualifications and experience. SMU reserves the right to modify the appointment terms where necessary.
Singapore Management University