Senior/Principal Cybersecurity Engineer (Operations & Governance)

ANTINA PTE. LTD.


Date: 1 week ago
Area: Singapore, Singapore
Salary: SGD 6,000 - SGD 12,000 per month
Contract type: Full time

PURPOSE

The role entails managing the security of the company’s IT and 5G networks: ensuring the infrastructure is adequately protected by adhering to and implementing regulatory and industry best practices, and identifying and mitigating risks by establishing robust security policies and controls.

MAJOR DUTIES AND RESPONSIBILITIES OF THE SENIOR/PRINCIPAL CYBERSECURITY ENGINEER (OPERATIONS & GOVERNANCE)

1. Subject Matter Expertise:

  • Serve as an expert for security systems, offering deep technical knowledge and leadership.
  • Champion innovative cybersecurity solutions and initiatives to strengthen organisational defences.
  • Manage external vendors, ensuring adherence to SLAs and KPIs.
  • Mentor and guide junior team members, fostering skill development and knowledge sharing within the security team.

2. Security Operations and Governance:

  • Manage security systems and tools to detect and respond to potential security threats or suspicious activities.
  • Configure and optimise security systems such as firewalls, IAM, SIEM, SOAR, DDoS, DLP, anti-virus software, and other security-related software and hardware.
  • Develop and assess firewall, application control, antivirus, SIEM, VPNs, SSL and other network security policies.
  • Lead and collaborate with vendors and internal/external counterparts to ensure the organisation's security posture is maintained and improved.
  • Contribute to the development and execution of a security awareness training programme within the organisation in collaboration with external parties, e.g. Mobile Network Operators, vendors, regulatory
  • Design and implement security processes and protocols, ensuring alignment with organisational security goals and objectives.
  • Contribute to the development of comprehensive cybersecurity governance strategies in line with global best practices and industry benchmarks, e.g. TCS, NIST, CIS, ISO27000.
  • Plan, manage, and execute detailed cybersecurity risk assessments and audits, including facilitating security drills and tabletop exercises to identify vulnerabilities and define corrective actions.
  • Manage vulnerability identification and remediation efforts, working closely with vendors and business units within organisations to ensure mitigation strategies are timely and effective.
  • Manage security risks, support security projects, and facilitate internal/external audits for compliance and remediation.
  • Manage security hardening and establish hardening baselines based on best practices.

3. Incident Management, Threat Intelligence and Analysis:

  • Develop and enhance incident response plans in collaboration with internal/external stakeholders, ensuring readiness for a broad range of potential threats.
  • Coordinate and conduct regular response drills, including red and blue teaming exercises, to ensure the organisation is equipped to handle real-world cyber incidents.
  • Act as an escalation point for incidents, providing expert guidance and ensuring a rapid, coordinated response.
  • Coordinate and respond to security incidents, ensuring proper incident management and response protocols are followed.
  • Provide timely, accurate reporting to senior management and relevant stakeholders (internal/external) during an incident.
  • Lead incident investigations, managing response efforts with a clear focus on minimising business impact and restoring operations.
  • Lead threat modelling efforts, conducting risk assessments to address emerging threats and evolving attack techniques in collaboration with vendors.
  • Develop and maintain cyber incident response playbooks.
  • Recommend and implement tools to enhance security posture.

4. Project Delivery and Management:

  • Initiate and oversee IT and network security infrastructure projects to ensure robust protection and operational efficiency in collaboration with vendors and in-house team.
  • Strategise, plan, and execute infrastructure security initiatives, aligning with organisational goals.
  • Administer and optimise centralised security platform tools for streamlined operations.
  • Monitor progress, track milestones, and ensure timely completion of project deliverables within budget.

5. Technical Experiences:

  • Work with technologies such as Firewalls (e.g. Palo Alto, Fortinet, Checkpoint), NAC (e.g. Cisco, Fortinet), VPN (e.g. Cisco, Fortinet), load balancers (e.g. F5, Citrix), IAM (e.g. CyberArk, Nokia IAM), SIEM (e.g. Splunk, QRadar, ArcSight, Elastic), SOAR (e.g. XSOAR, Nokia NetGuard), DDoS (e.g. Cloudflare, DOSarrest), DLP (e.g. Microsoft, Forcepoint), anti-virus software (e.g. TrendMicro, CrowdStrike, Trellix), routers and switches (e.g. Cisco, Juniper).
  • Manage network security for on-premises and cloud environments.
  • Work with encryption technologies and protocols.
  • Prepare procedures for upgrading/patching security infrastructure.
  • Maintain technical documentation.

JOB REQUIREMENTS AND PREFERRED QUALIFICATIONS

  • Degree in IT, Computer Science, Information Technology, or related fields.
  • At least 7 years of relevant information security experience and driving security projects.
  • Experience in domains of Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence, or Vulnerability Management preferred.
  • Good understanding of security protocols, cryptography, authentication, and authorisation.
  • Strong knowledge of Networking, Firewalls, VMware, Kubernetes, Load Balancers, Active Directory, Windows, Linux platforms, and the MITRE framework.
  • Experience in security solutioning, operations, project management and implementation.
  • Professional information security certification preferred (e.g. CompTIA Security+, CISSP, CISA, CISM).
  • Understanding of IMDA Telecommunications Cybersecurity Code of Practice (TCS Code), Singapore Cybersecurity Act 2018, CCoP, ISO 27001, and CIS hardening guide.
  • Strong understanding of MITRE ATT&CK and ICS MITRE frameworks.
  • Excellent interpersonal, presentation, writing, and communication skills.
  • Highly motivated, willing to learn new technologies, and able to work under pressure.
  • Team player with the ability to work independently.