Security Engineer
OPTIMUM SOLUTIONS (SINGAPORE) PTE LTD
Key Responsibilities
- Develop, document, and maintain security policies, procedures, guidelines and baselines for cloud and hybrid environments
- Collaborate closely with the SoC team to analyse and fine-tune SIEM detection rules, correlation logic, and security policies to improve alert fidelity and suppress false positives
- Collaborate closely with the Security Engineering team to continuously strengthen detection and response capabilities, contributing to regular reviews and iterative improvements to security monitoring and alerting workflows.
- Track and report on the effectiveness of security controls through periodic review and fine tuning.
- Assist in developing risk assessment and security frameworks to support a comprehensive and consistent risk assessment methodology suited for cloud and hybrid environment.
- Assist in conducting in-depth security architecture reviews and threat modelling exercises for new and existing systems, systematically identifying attack surfaces, trust boundaries, and design-level weaknesses, and providing concrete, prioritised mitigation recommendations.
- Assist in performing structured risk assessments across infrastructure and application system for cloud and hybrid environments
What we are looking for
- Bachelor’s degree in Computer Science,Information Security, or related field.
- Minimum eight (8) years of relevant IT experience in deploying and managing security services for on-prem and cloud, including the design, development, implementation and/or management of the solution.
- Excellent communication skills and the ability to collaborate with diverse teams.
- Organised, independent and able to work with minimal supervision in a fast-paced working environment and adhere to organisational process and governance.
- Strong understanding of risk management methodologies and compliance frameworks
- Strong knowledge in security
- Experience with security tools and technologies,such as Security Information and Events Management, Data Loss Prevention,Database Activity Monitoring, Data Security and Protection, Privileged Access Management, File Integrity Monitoring, Web Application Firewall, Intrusion Prevent etc
- Professional certifications such as CISM, CRISC, CISSP, or equivalent are preferred.
- Relevant certifications such as AWS Certified Security - Specialty or Certified Cloud Security Professional (CCSP) are a plus.