Infrastructure Security Engineer
SPH MEDIA LIMITED
Job Description
• This role will be responsible for crafting and building security requirements to support a variety of high-demand infrastructure projects.
• Operate security products and devices such as CyberArk, CrowdStrike, Qualys, ETP, Netskope, Trend Micro, Symantec Endpoint Protection, DAM, etc.
• Engineer, implement, and monitor security measures for the protection of on-premise infrastructure.
• Analyze threats and current security controls to identify gaps in the current defense posture.
• Contribute to systems incident response and event handling with the outsourced MSS provider.
• Perform maintenance and system upgrades including service packs, patches, hotfixes, and security configurations with support from third parties.
• Define security requirements based on SPH risk assessments and document Security Standards and Procedures for on-premise technologies and public cloud.
• Run monthly patching and vulnerability scans for infrastructure using vulnerability scanners.
• Run CIS hardening scans for Windows and Linux OS.
• Provide Level-1/2 support and troubleshooting to resolve issues for security-related devices.
• Work within established configuration and change management policies to ensure awareness, approval, and success of changes made to the security devices.
• Select and implement security tools, policies, and procedures in conjunction with the company's security team.
• Liaise with vendors and other IT personnel for problem resolution.
• Generate and share weekly/monthly reports with management.
C. Job Profile
Required Work Experience, Skills and Knowledge
• 4 to 6 years of experience operating security technologies, such as SIEM, EDR, EPP, Cloud Proxy, PAM, Scanning tools, ETP, DAM, etc.
• 4 to 6 years of infrastructure security experience working with major firewall or security platforms (Fortinet, CyberArk, CrowdStrike, Qualys, ETP, Netskope, Trend Micro, Symantec Endpoint Protection, DAM, etc).
• 2 to 4 years of experience operating with public and private cloud, preferably AWS.
• Knowledge in AWS security, governance, and compliance services such as GuardDuty, Security Hub, Trusted Advisor, AWS Firewall, AWS Shield, CloudTrail, etc., would be a plus.
• Strong knowledge of networking - either classic (switching, dynamic routing protocols, static and rule-based routing, etc.) or cloud (VPC, peering, gateways, SD-WAN secure fabric).
• Good understanding of encryption and tunneling protocols (PKI, IPSec, SSL VPN, TLS, IKE, IKEv2, etc.)
• Familiarity with cloud technologies and infrastructure virtualization (IaaS, PaaS, SaaS, NFV, SDN, SD-WAN).
• Understanding of CIS baseline security requirements and platform hardening principles.
• Experience in creating SOP documents, diagrams (Visio), and presentations (PowerPoint).
• Knowledge of the ITIL framework and principles.
Required Competencies
• Excellent communication, interpersonal, and problem-solving skills.
• Team player and self-motivated.
• Familiarity with project management approaches, tools, and phases of the project lifecycle.
• A pragmatic and flexible mindset to succeed in an ever-changing and dynamic environment.
• Ability to learn and adapt to new technologies.
• Ability to proactively carry out tasks independently.
Required Qualifications
• Certified Security Product Professional (CyberArk, CrowdStrike, Qualys, etc.)
• Any security product certification would be a plus.
• University degree in Computer Science or a related field.
• This role will be responsible for crafting and building security requirements to support a variety of high-demand infrastructure projects.
• Operate security products and devices such as CyberArk, CrowdStrike, Qualys, ETP, Netskope, Trend Micro, Symantec Endpoint Protection, DAM, etc.
• Engineer, implement, and monitor security measures for the protection of on-premise infrastructure.
• Analyze threats and current security controls to identify gaps in the current defense posture.
• Contribute to systems incident response and event handling with the outsourced MSS provider.
• Perform maintenance and system upgrades including service packs, patches, hotfixes, and security configurations with support from third parties.
• Define security requirements based on SPH risk assessments and document Security Standards and Procedures for on-premise technologies and public cloud.
• Run monthly patching and vulnerability scans for infrastructure using vulnerability scanners.
• Run CIS hardening scans for Windows and Linux OS.
• Provide Level-1/2 support and troubleshooting to resolve issues for security-related devices.
• Work within established configuration and change management policies to ensure awareness, approval, and success of changes made to the security devices.
• Select and implement security tools, policies, and procedures in conjunction with the company's security team.
• Liaise with vendors and other IT personnel for problem resolution.
• Generate and share weekly/monthly reports with management.
C. Job Profile
Required Work Experience, Skills and Knowledge
• 4 to 6 years of experience operating security technologies, such as SIEM, EDR, EPP, Cloud Proxy, PAM, Scanning tools, ETP, DAM, etc.
• 4 to 6 years of infrastructure security experience working with major firewall or security platforms (Fortinet, CyberArk, CrowdStrike, Qualys, ETP, Netskope, Trend Micro, Symantec Endpoint Protection, DAM, etc).
• 2 to 4 years of experience operating with public and private cloud, preferably AWS.
• Knowledge in AWS security, governance, and compliance services such as GuardDuty, Security Hub, Trusted Advisor, AWS Firewall, AWS Shield, CloudTrail, etc., would be a plus.
• Strong knowledge of networking - either classic (switching, dynamic routing protocols, static and rule-based routing, etc.) or cloud (VPC, peering, gateways, SD-WAN secure fabric).
• Good understanding of encryption and tunneling protocols (PKI, IPSec, SSL VPN, TLS, IKE, IKEv2, etc.)
• Familiarity with cloud technologies and infrastructure virtualization (IaaS, PaaS, SaaS, NFV, SDN, SD-WAN).
• Understanding of CIS baseline security requirements and platform hardening principles.
• Experience in creating SOP documents, diagrams (Visio), and presentations (PowerPoint).
• Knowledge of the ITIL framework and principles.
Required Competencies
• Excellent communication, interpersonal, and problem-solving skills.
• Team player and self-motivated.
• Familiarity with project management approaches, tools, and phases of the project lifecycle.
• A pragmatic and flexible mindset to succeed in an ever-changing and dynamic environment.
• Ability to learn and adapt to new technologies.
• Ability to proactively carry out tasks independently.
Required Qualifications
• Certified Security Product Professional (CyberArk, CrowdStrike, Qualys, etc.)
• Any security product certification would be a plus.
• University degree in Computer Science or a related field.
JOB SUMMARY
Infrastructure Security Engineer
SPH MEDIA LIMITED
Singapore
17 hours ago
N/A
Full-time
Infrastructure Security Engineer