Senior IT Security Analyst (Information Security Department) [NIE]
ABOUT THE NATIONAL INSTITUTE OF EDUCATION (NIE)
The National Institute of Education (NIE), Singapore, is Singapore's national teacher education institute and we are proud to be an integral part of the nation's education service. We play a key role in the preparation of teachers and in the provision of teacher professional and school leadership development programmes. We are committed to our vision of being An Institute of Distinction: Leading the Future of Education and our mission to Inspire Learning, Transform Teaching and Advance Research. Read more about NIE here.
NIE invites suitable candidates to join the Division of Academic Computing & Information Services (ACIS) as a Senior IT Security Analyst (3-year contract).
Key Responsibilities:
Incident Response Leadership
Monitoring and Detection
AI and Automation
Threat Statistics and Reporting
Innovation and Continuous Improvement
Forensics Capability Development
Requirements:
Closing Date
The closing date of the advertisement is 8 November 2024. We regret that only shortlisted candidates will be notified.
Other Information
NIE staff can take chartered buses at their own expense from or near their home to the NIE campus. This is subject to the availability of bus routes and seats.
Hiring Institution: NIE
The National Institute of Education (NIE), Singapore, is Singapore's national teacher education institute and we are proud to be an integral part of the nation's education service. We play a key role in the preparation of teachers and in the provision of teacher professional and school leadership development programmes. We are committed to our vision of being An Institute of Distinction: Leading the Future of Education and our mission to Inspire Learning, Transform Teaching and Advance Research. Read more about NIE here.
NIE invites suitable candidates to join the Division of Academic Computing & Information Services (ACIS) as a Senior IT Security Analyst (3-year contract).
Key Responsibilities:
Incident Response Leadership
- Oversee the entire incident response lifecycle from detection to resolution.
- Lead investigations of IT security incidents and ensure thorough root cause analysis and remediation.
- Develop and maintain incident response playbooks and procedures.
- Coordinate with internal, external stakeholders, and vendors during incidents.
- Conduct post-incident reviews and report findings to management.
Monitoring and Detection
- Develop and implement advanced threat detection and monitoring strategies.
- Utilize SIEM, EDR, and other security tools for timely incident detection.
- Perform threat hunting and proactive security assessments.
- Collaborate with IT teams to deploy and optimize security solutions.
AI and Automation
- Integrate AI and automation technologies to enhance security operations.
- Develop automated workflows and scripts for incident response and routine tasks using SOAR.
- Leverage machine learning and AI-driven tools for threat detection and analysis.
- Stay updated with advancements in AI and evaluate their applicability to security operations.
- Apply system design thinking to security solutions.
Threat Statistics and Reporting
- Analyze and compile statistics on threats relevant to the Institute.
- Prepare and present detailed reports on threat statistics to stakeholders.
- Use data visualization tools to communicate threat trends and insights.
Innovation and Continuous Improvement
- Evaluate and integrate new technologies to enhance security operations.
- Foster a culture of continuous improvement within the team.
- Encourage continuous learning and professional development.
Forensics Capability Development
- Enhance the team's digital forensics capabilities.
- Develop forensic investigation procedures and protocols.
- Train team members in forensic tools and methodologies.
- Oversee the collection, preservation, and analysis of digital evidence.
- Collaborate with legal and compliance teams to ensure regulatory alignment.
- Conduct regular drills and simulations for forensic readiness.
Requirements:
- Degree in Information Systems, Computer Science, Cybersecurity, or a related field.
- Professional Certification(s) in incident handling and security analysis preferred.
- GCIH or its equivalent is preferred
- Minimum of 8 years of progressive experience in IT security, with a focus on Incident response
- Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.
- Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration
- Proven experience in managing incident response and performing threat hunting
- Proven experience in integrating AI and automation in IT Security using Security Orchestration Automated Response (SOAR) technologies.
- Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, digital forensics, and cloud security.
- Experience in Blue/Purple teaming, firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.
- Experience in monitoring and administering host-based intrusion detection systems.
- Knowledge and experience in Linux/Windows/Database technologies preferred.
- Strong knowledge of industry standards and information security policy frameworks.
- Hands-on experience with scripting and automation tools to enhance security operations.
- Ability to conduct gap analysis of current processes and identify opportunities for improvement.
- Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.
- Continuously improve event correlation and alerting processes and use cases to detect potential incidents.
- Automate manual processes to enhance security incident response.
- Experience with network security assessment tools.
- Excellent leadership and team management skills, with the ability to inspire and motivate a team.
- Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.
- Demonstrated ability to drive strategic initiatives and lead a team through change.
- Exceptional problem-solving skills and the ability to think critically under pressure.
- Ability to interview stakeholders to define and document business requirements.
- Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.
Closing Date
The closing date of the advertisement is 8 November 2024. We regret that only shortlisted candidates will be notified.
Other Information
NIE staff can take chartered buses at their own expense from or near their home to the NIE campus. This is subject to the availability of bus routes and seats.
Hiring Institution: NIE
JOB SUMMARY
Senior IT Security Analyst (Information Security Department) [NIE]
Singapore
6 days ago
N/A
Full-time