Assistant Lead Engineer - Endpoint Security (Cyber Operations & Technologies)

Position Overview

This Cybersecurity Engineer shall carry out the Cyber Security Office (CSO) role and deliver security operation services related to endpoint security, threat intelligence, and cyberattack response services and augmented/combined solution, system vulnerability scanning, incident response, security alerts of the Public Health Institutions (PHIs).

This is a 2 year direct contract role.

Role & Responsibilities

• Experience performing technical analysis involving threat event data and evaluating malicious activity

• Proven capability to consult on large enterprise information security matters

• Able to understand of cybersecurity threats, vulnerabilities, and exploits

• Must be comfortable acting as a liaison between Information Security, Legal, HR, and Audit teams during security incidents

• Deep knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP etc., and accompanying protocol/packet analysis/manipulation tools

• Working/in-depth knowledge of information security protection/detection and authentication systems (e.g. firewalls, IDS, IPS, anti-virus, etc.)

• Knowledge of commonly accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information

• Exposure to security tools like vulnerability scanning, anti-malware solutions, Privileged Access Management

• Working understanding of operating systems, database systems, application system development and installation/implementation processes

• Experience in working with the business users and end-user-computing (EUC) engineers or 3rd party vendor in the aspect of deployment of antimalware/EDR solutions, security events/incident investigation

Requirements

• Degree in Computer Science, Engineering or equivalent

• At least 5 years working experience in risk assessment, vulnerability management and incident response

• Familiar with at least one vulnerability scanner

• Strong analytical skills and ability to work independently

• Good team player as well as strong English communications skills (including writing) with stakeholders at all levels

• Possess CompTIA Security Plus, incident handling, augmented security suite related security certifications

• Experience in healthcare industry is an added advantage