- JN -042023-1931410
- Aug 25, 2023
We are partnering with our esteemed client in the government sector to recruit experienced Cybersecurity Engineers to support application security projects in cloud environment.
You will research and identify potential security risks using Threat and Risk Assessment framework, and develop actionable measures to be applied across systems for the government agencies.
About the Role:
- Perform security risk assessments for large projects or systems.
- Explore technologies and best practices to support development of standards.
- Support business initiatives through risk management, which involves performing security risk assessment to identify and analyse security risks, recommending risk treatment and mitigation measures, and assess residual risks.
- Ensure that key security requirements are defined and designed into the systems, implemented in accordance to the security design, and in compliance with prevailing ICT security policies and standards.
- Develop and review project specific security specifications and ensure alignment to assessed security risks, security requirements, prevailing ICT security policies and standards.
- Review security architectures, designs and implementations to ensure compliance with prevailing ICT security policies and standards. Identify design gaps and recommend security enhancements.
- Involve in designing artefacts (spanning design, development, and implementation) into enterprise systems that are aligned to security principles and overall Enterprise System Architecture.
- Stay abreast of current and emerging security technologies for cloud and on-premises, as well as the associated security threats and risks. Design security architecture and control measures to mitigate the relevant threats and risks.
- Align security architecture frameworks and standards with business strategies and functions.
- Involve in scoping of security tests, reviews and audits, as well as reviewing the results of security tests, reviews and audits to ensure security assurance is achieved.
- Partner with the cybersecurity team, stakeholders, project teams, and outsourced vendors to ensure security objectives are achieved.
- Manage stakeholder relationships to ensure that consulting services delivered meet their expectations.
- Minimum 3 years of IT security experience in IT security consultancy, and security operations (which includes experience in
management, deployment and maintenance of security for ICT systems).
- Knowledgeable in cloud security.
- Prior experience in security apps development is desirable.
- Knowledge and experience in ICT security risk management methodologies and risk evaluation techniques.
- Able to articulate cybersecurity risks, mitigation measures and residual risks orally and in writing to stakeholders, in an easily understood and actionable manner.
- Knowledge of security technologies (such as SIEM, Log Management and Analysis Tools, firewall, cryptography, vulnerability scanning tools, endpoint security, identity and access management), and frameworks (such as MITRE ATT&CK framework), and security domains (such as network security, cloud security and application security).
- Knowledge of system security architecture concepts including network topology, protocols, components and principles (e.g. application of Defence in Depth), and able to specify where and how security controls should be applied to or engineered into the security design.
- Degree in Computer Science, Computer or Electronics Engineering or Information Technology or related disciplines.
- Singapore Citizen only
If you are meet the job requirements, do apply with an updated CV. We regret to inform only shortlisted candidates would be contacted.
EA Licence No: 11C5502 | EAP Registration No: R22109486