System Engineer, Windows Operations and IT Security (School of Computing)

Interested applicants are invited to apply directly at theNUS Career Portal

Your application will be processed only if you apply via NUS Career Portal

We regret that only shortlisted candidates will be notified.

An IT Professional with advanced technical expertise in the areas of VM/Windows Operations and IT Security is required in the School of Computing to manage, maintain and secure its entire Windows and Virtualization IT infrastructure.

• Design, implement, manage and maintain the School’s IT infrastructure, especially computers, servers or equipment running on VM/Windows
• Manage day-to-day operations and ensure adequate capacity planning and high availability of the School’s servers and related services, including VMware, Proxmox, Windows, etc
• Manage storage solutions and backup systems, and implement appropriate backup policies, ensuring data protection, integrity and rapid recovery
• Develop, maintain, and test comprehensive DR and BCP for critical IT services
• Troubleshoot and resolve IT infrastructure issues, faults, incidents, etc
• Provide 2nd and 3rd level technical support to front-line technical support team
• Ensure proper IT security implementation and protection of services with sound IT security policies and principles in hardening, monitoring, detecting and defending the infrastructure
• Perform regular vulnerability management and end-point security protection: scanning, analyzing, prioritizing, remediating based on threat and vulnerability model
• Configure, implement and manage security tools such as system and security logging, access control configurations, intrusion detection, vulnerability assessment, host-based firewall, SIEM, etc
• Design, develop, improve and maintain systems/programs/scripts to implement software asset inventory and security baseline configuration on Windows and Linux platforms.
• Ensure the IT infrastructure adheres to security policies, eg enforce security baseline configurations in general and implement enhanced and targeted security protections whenever appropriate
• Monitor, respond and resolve risks and alerts timely
• Setup and provide technical support for teaching lab operations as well as practical lab sessions
• Provide IT-Security leadership and mentorship to SoC users and IT colleagues
• Develop new technical applications and services related to VM/Windows operations and IT security, and maintain existing ones
• Ensure proper documentation of work.

• Tertiary degree holders with Computer Science/Engineering, or relevant specialisation, preferable with Windows Security working experience
• Must be adaptive, pro-active, self-motivated with positive work attitude, able to work independently or collaboratively in teams, eg very strong ability to foster collaborative environment with other IT teams
• Very good analytical, problem-solving, communication and interpersonal skills, eg able to articulate technical and security risks and solutions to both academic, technical and non-technical stakeholders
• Highly organized and capable of managing multiple jobs and projects
• Able to act as a subject matter expert, providing technical leadership and mentorship with sound analysis and underlying principles of operation
• Good understanding of PC and Mac hardware and software application(s)
• Familiarity with MS Windows, macOS and Linux operating systems, including network operations in the respective OS
• Advanced knowledge in Windows Server OS, its administration and network operations (DNS, DHCP, File/Print Services, Domain Controller, etc). Preferably with relevant certification
• Knowledge in IT Security, Windows and Linux hardening measures, patch/update management. Preferably with relevant certification
• Advanced knowledge and practical experience in implementing Windows Security controls
• Knowledge of network protocols, firewall configurations, and intrusion detection/prevention
• Preferably with experience in supporting vulnerability scans (eg. Nessus)
• Preferably with experience in assisting with security alerts, log collection, triage, and escalation
• Familiarity with SIEM tools (Splunk, ELK, Sentinel) for event analysis preferred
• Must be able to code in a programming or scripting language (eg. Powershell, Bash, Python, etc) for automation of processes
• Must have understanding of common attack methods (eg. Phishing, malware, ransomware, privilege escalation, etc.)