Security Engineer | Yearly renewable contract | Up to $7250 - #1129449

Summary

You will be part of a team of highly motivated individuals in the IT Governance Team, managing the services delivery and operations support. You should have proven track records in areas of Stakeholder Management, IT Service Management, Cybersecurity Incident Management, IT Security Management, and IT Security Compliance & QA Management. You should also be familiar with relevant IT Infrastructure domains.

SCOPE OF WORK

You will be performing the following scope of work for the IT Security systems and devices

CARBON BLACK
The management of the Endpoint Detection and Response (EDR) system shall minimally include and not limited to the following:  
• Administration of Carbon Black EDR servers configuration
• Checking and recommend for new threat intelligence feeds
• Administration of Carbon Black configuration sensor group
• Administration of user account
• Management of EDR agents in servers
• Generation of reports
The current EDR system is Carbon Black EDR. The abovementioned scope of work shall apply in the event of a change in the product.
 
TREND MICRO / TRELLIX
The management of the Server Anti-Virus System in GDC and in HPB HQ shall minimally include and not limited to the following:
• To administrate Trend Micro Deep Security Manager
• To administrate the active update from TrendMicro update server
• To administrate of updates to the agents
• To administrate virtual patching
• To add/remove agents under monitoring
• To manage the Virtual Patching feature in the servers
• To manage the configuration of policies and the deployment of these policies
• To generate weekly report to agency
The current the Server Anti-Virus System in HPB is Trend Micro Deep Security. The abovementioned scope of work shall apply in the event of a change in the product.
 
IMPERVA
The management of the Imperva in shall minimally include and not limited to the following:
• To administrate Imperva SecureSphere, Imperva Data Risk Analytics
• To administrate of update gateways, management servers
• To administrate of updates to the agents
• To administrate patching
• To add/remove agents under monitoring
• To manage the configuration of policies and the deployment of these policies
• To generate daily/weekly/monthly report to agency
 
ARCSIGHT
The management of the ArcSight in shall minimally include and not limited to the following:
• To administrate Imperva ArcSight LMS
• To administrate of updates to the agents
• To administrate patching
• To add/remove agents under monitoring
• To manage the configuration of policies and the deployment of these policies
• To generate daily/weekly/monthly report to agencyJob ResponsibilityIT Configuration Management
• Periodically review IT asset inventory (hardware, software, network equipment, network attached equipment and end-points) records maintained and updated by Client appointed Asset Officer.
• Maintain oversight and review the Obsolescence at System Family Level.
• Prepare and submit report to Client
Incident Management
• Lead investigation and resolution of Security incident
• Conduct root cause analysis and recommend improvement solution for recurrent incident to Client.

IT Security Management
• Schedule security scan for identified systems according to policies and verify all vulnerability rectifications are satisfactorily performed.
• Conduct Security Review on System Access and administration patterns weekly, and report unusual or suspicious activities, if any, to client.
• Track, mitigate and deploy patch security vulnerabilities accordingly to the stipulated timeline. Maintain oversight and submit reports on monthly basis.
• Escalate and/or seek Client’s acceptance and approval of assessed risks.
• Manage and administer any security monitoring tools including splunk, arcsight, EDR are addon advantage.

IT Security Compliance & QA Management
• Ensure compliance status of the Systems adheres to applicable standards, polices, directives and guidelines.
• Review weekly/monthly account review based on the requirements.
• Review weekly/monthly log review based on the requirements.
• Declare, review and report compliance status to head office annually.
• During audit exercise, work with stakeholders to provide responses and evidence to auditors or compliance related declarations.
• Provide a Rectification Plan on any gaps found.
• Provide rectification plan for issues arising from audit.
• Seek waiver on compliance whenever it is justifiable.
• Ensure all applicable standards, policies, directives, guidelines, deliverables and quality assurance records are filed and kept up to date for audit and review purposes.
• Work with Client on system enhancement required for policy changes and audit requirements.

Requirement

• B.E/B.Tech or any qualified Degree in Information Systems, Computer Science or similar relevant field

• At least 3 years of relevant experience in Cybersecurity / information systems security practice including governance, managing security policies and systems, including scripting and handling various tools including Imperva, EPP, ERD, HTVL, DAM, Nessus etc

• Candidate must have scripting knowledge to work on above tools to create automation if required

• Well-versed and experienced in relevant IT Infrastructure domains will be an advantage

We regret to inform that only shortlisted candidates will be notified.

Interested candidates, please click on the following link to begin your job search journey and submit your curriculum vitae (CV) directly through the official PERSOL job application platform - GO.

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOL Singapore Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.persolsingapore.com/policies. You acknowledge that you have read, understood, and agree with the Privacy Policy.

PERSOL Singapore Pte Ltd • RCB No. 200007268E • EA License No. 01C4394• Reg. R24121115, Lucas Tan