- BBBH769013 Oct 28, 2020 Competitive
Senior Security Engineer with expertise in Security Assessment & Risk Assessment for an award winning IT healthcare Leader in Singapore
Position Summary / Project Description
The Security Engineer performs analysis and review security compliance of new and existing non-standard system in healthcare institute, including drafting the security risk assessment (RA), working with CISO to highlight the risk, working with respective team and users for the implementation of the security controls as well as to verify and confirm the agreed risk mitigation measures are implemented accordingly.
He/She maintains data sources feeding the log monitoring system, develops and maintains detection and alerting rules. He responds to user incident reports and evaluates the type and severity of security events. He executes initial triage of incidents to rule out false positives. He documents incidents and develops reports. He identifies recurring security issues and risks and develops mitigation plans and recommends process improvements. He carries out and manage security project, involve in system integration testing phase prior to on-site implementation. He interprets and applies security policies and procedures. He is required to be on standby with on-call availability as and when there is project implementation, incident or any unforeseen circumstance occurs.
Roles and Responsibilities
Security Risk Assessment/Compliance Review
* Perform analysis and review security compliance of new and existing non-standard system
* Draft security risk assessment
* Implement security controls as well as verification of agreed mitigation measures in place
Security project implementation and security operations
* Implement security project as well as verification of the success implementation
* Maintain IDS/IPS, security clients including but not limited to antivirus, ATP endpoint and etc.
* Schedule security checks in accordance with reporting schedules
* Prepare periodic status reports for presentation to management
Monitor security systems
* Perform audits, reviews, security control assessments, and tests of security operations based on
* Analyse security event data to identify suspicious and malicious activity
* Document processes related to security monitoring
Support and respond to security incidents
* Review security incident reports
* Evaluate the type and severity of security events as well as handling detected security events
* Provide status updates to respective stakeholders during the life cycle of an incident as well as
crafting final incident report
* Support the maintenance and update of business recovery/contingency plans and/or procedures
1. At least 2 year working experience in security risk assessment and security compliance review.
2. At least 3 years working experience in security operation management, user and vendor management.
3. Familiar with various security products, firewall, IDS/IPS, anti-virus, VA and etc.
4. Strong analytical skills and ability to work independently.
5. Good team player as well as strong communications skills with stakeholders at all levels.
6. Possess QISP, CISSP and/or related security certification has added advantage.
7. Experience in healthcare industry is an added advantage.
8. Degree in Computer Science, Engineering or equivalent.
EA Licence No: 11C5502
Registration No: R1876903
Programme Delivery Consultant | M3S
+65 6818 3144