Network Security Engineer

The Network Security team in Singapore is currently looking for an IT Security Professional to support security tools such as firewalls, Micro-segmentation / ZTN, WAF and Intrusion Prevention/Detection Systems for BAU and projects.

• Monitor and control tasks to ensure IT Governance on Network Security processes are executed correctly.
• Design, validate, implement and document end-to-end processes workflows on security implementations.
• Handle internal customer inquiries with firewall consultation and troubleshoot technical issues effectively.
• Ensure to complete the deliverables for global projects within the scope of ProdSec – Network Security.
• Implement the network segmentation concepts to achieve Zero-trust network solutions and micro segmentation solutions.
• Implement firewall rules and troubleshoot when incidents occur, Participate in update/ upgrade/ migration of security tools used by the team.
• Manage Zero-Day web-security vulnerabilities and lead security-operations activities.
• Analyze web-security policies and signature updates, assess risk to banking applications, and recommend mitigations.
• Liaise with external vendors for technical support and new-project solutions.
• Identify process improvement opportunities and automate or finetune workflows using existing or new tools.
• Participate in update/upgrade/migration of security tools used by the team.
• Maintain clear and functional documentations on process guides, technical instructions, etc.
• Support additional tasks and initiatives within the Network-Security team as required.
• Participate in the Permanent Control framework, helping to embed policies and procedures (e.g., Control Plan) into daily operations.
• Assist with Internal-Audit response activities.
• Contribute to the enhancement of Production-Security tools used for tracking and managing security incidents.

• Bachelor’s degree in Computer Science or a related field.
• At least 5 years of experience in the IT Security domain, experience in Network Security skills is most preferred.
• Proficient in Microsoft office products and ServiceNow.
• Strong fundamental understanding of Network Security, Network and Micro-segmentation and its real-world applications.
• Must have knowledge on the Firewall Rule coding and Rule analysis on the FortiGate / FortiManager, Checkpoint R81.10 or R81.20 Smart console.
• Hands-on experience in firewall filtering mechanisms and must be good in understanding far-end coding and Zero-trust network principles.
• Experience in Illumio PCE Version 24.X and implementation of micro-segmentation with label-based policy implementation will be highly preferred.
• Handle the WAF operations – signature updates, enforcements and review the application security events and take appropriate actions in strengthening application security policies.
• Working experience on F5 ASM, Broadcom AVI Nextgen Load balancing/ WAF module is recommended.
• Excellent communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
• Proficiency in writing programming/ scripting languages (Python, PowerBI, any other language) is a plus.
• Experience in handling production issues and collaborate with other operational teams and drive for the root cause analysis.
• Extend the support in the off-business hours to fix any production impacting security incidents.
• Any Firewall/NAC Certification, WAF and any relevant Security Certification.
• Experience in Project management, must be able to work in dynamic, rapidly changing environments.
• Organized, self-motivated, autonomous, curious, service-oriented and highly implicated in IT Security.