ALTEN Group is a world leader in Engineering and Technology consulting services providing outsourced Engineering, R&D, and IT Services for different industries such as Transportation, Defence, Energy and Security with 55,000 engineers in nearly 35 countries. ANOTECH is the subsidiary of the Group delivering ALTEN's Engineering Services in Singapore.

As a System Security Engineer, you will be responsible for designing, building and maintaining structures or processes.

Responsibilities:

Provide security expertise and management services to support Authority in activities such as:

• Internal / external audits (IM8, Cybersecurity, etc)

• Policies compliance (IM8, Cybersecurity, etc), work with vendor on:

v Vulnerability management compliance reports and patch reports

v Filing of documents and Security Scorecard for audit purpose, to produce it as required

v Monthly logs review. E.g., privilege user activities

v Vulnerability/ Compliance Assessments

v Penetration Tests and Source Code Reviews

• Disaster Recovery (DR) and Business Continuity Planning (BCP):

v All relevant activities related to the DR and BCP planning

v Checks on system backup completion by vendor and datacentre

v Document update and implementations.

• ICT/Threat Risk Assessments (TRA)

• Monthly reviews of privileged accounts and non-privileged account, disable inactive accounts

• Seek security waivers (IM8, Cybersecurity Act, Circulars etc)

• Circulate security notifications/alerts to vendors and ensure status updates too all stakeholders including cybersecurity centre

• Security monitoring/tracking:

v Monitor alerts from SOC

v Update stakeholders regarding SOC alerts

v Review compliance reports with vendors to ensure that system is compliant

v Manage, track and update any security incidents/ issues to all stakeholders

v Review Incident Report (if any)

• Patching:

v Ensure patches are tested and verified before seeking approval for patching downtime

v Communicate system downtime to all stakeholders

v Ensure system availability after patching is completed

• Obsolescence management for software licenses, hardware, operating systems and certificates

• Security enhancement/ integration

• Support the submission of security clearance for related vendors

• Perform other related duties as assigned or requested

Requirements:

• Diploma or Bachelor's Degree in Cybersecurity/ InfoSec/ Information Technology / Information Systems / Business IT or its equivalent

• Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications

• Minimally 1-2 years of experience in cybersecurity and supporting mission critical systems with very stringent SLA e.g. 99.9%

• Well-versed in cybersecurity best practices and establishing of its policies

• Well-versed in IT Service Management (ITSM) standards, processes, guidelines and best practices

• Able to cope in a highly pressured fast-paced environment

• Prior working experience in cyber security and vulnerability management is preferred

• Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls

• Able to understand security posture of systems

• Prior working experience in Project Management is a plus point

• Able to understand the system and software architecture, and user operations environment

• Willingness to pick up any new technologies