Senior Cyber Security Engineer

• Work with vendors to conduct security assessments and penetration tests.
• Identify security gaps, perform threat risk assessments in current setup and propose mitigating measures.
• Standardize and refine security incident response and escalation processes.
• Mitigate and contain threats when detected.
• Escalate security incidents and non-compliances on a timely basis.
• Work with IT infrastructure team to evaluate, implement and enhance the network perimeter security, endpoint security, SIEM, secured remote access, MFA, Identity Access Management and Privileged Access Management.
• Monitor information security alerts triage, mitigate, and escalate issues as needed.
• Provide security advisory to end users on regular basis.
• IT Security Management of various aspects, e.g. network security, server security, application security, end point security, email security, physical access security, logical access security, etc.

Requirements:

• Degree in engineering, science or information technology, or equivalent education.
• Preferably 5 years of related work experience in cybersecurity management and security governance.
• Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (vulnerability assessment, penetration testing), application security, security technologies), security incident response and security assessment.
• Strong understanding of ISO27001 standard, and have gone through ISO 27001 certification.
• Strong understanding of NIST Cyber Security Framework.
• Strong background on the following IT Security Tools:
  • a. Next Generation Firewall (e.g., FortiGate, Palo Alto, Cisco FirePower)
  • b. Tenable Security Center Continuous View
  • c. Endpoint Protection (e.g., Symantec, Trend Micro, Sophos Endpoint)
  • d. Email Security (e.g, FireEye ETP, Cisco Email Security)
  • e. Data Loss Prevention (e.g., Symantec, ForcePoint, Digital Guardian)
  • f. SIEM (e.g., Splunk, QRadar)
• Have understanding of Risk Management, Disaster Recovery, Business Continuity and IT Regulatory Compliance.
• It will be advantageous to have at least one of these certifications: CISA, CISSP, or CISM.
• Prior IT security consulting experience will be advantageous.
• Job Reference: QWW43X5W

All Successful candidates can expect a very competitive remuneration package and a comprehensive range of benefits.

We regret that only shortlisted candidates will be notified