Cybersecurity Specialist

Join to apply for the
Cybersecurity Specialist
role at
Changi Airport Group .
Do you want to help secure the airport systems, applications and infrastructure? Are you keen on cybersecurity technology and learning about new cyber threats? If yes, then you may be a good fit for a job as a Cybersecurity Specialist
About the Role
Your role is essential for defending Changi's airport systems, infrastructure and digital assets from cyberattacks and data breaches. You will have various responsibilities, such as:
Responsibilities
Find and reduce vulnerabilities: assess the cybersecurity aspects of the design proposals for different systems, applications and infrastructure. You will source, manage and oversee external service providers who will conduct annual vulnerability assessment and penetration testing to find and report weaknesses and suggest potential remediation actions.
Apply security controls: Based on industrial best practices, security standards and guidelines (e.g. OWASP Top 10, NIST, CIS), recommend and apply suitable security measures for compliance and to address vulnerabilities shared by security threat intel. Contribute to the development and maintenance of security policies, procedures, configurations and standards aligned with ISO 27001, suitable for implementation by project teams and contractors. Join in internal audits and reviews to ensure the efficiency of the ISMS or security controls.
Secure Development Practices: Integrate OWASP Top 10 recommendations throughout the software development lifecycle (SDLC), focusing on secure coding practices and secure design principles. Work with developers to identify and fix security vulnerabilities in applications.
Incident response and recovery: Help to review logs to detect malicious activity and data breach. You will be in charge of coordinating with contractors, security vendors and internal CAG teams to devise the strategy to isolate an incident, threat, identify the root cause, and implement mitigation or recovery procedures.
Keeping up with changing threats: The cybersecurity landscape is always evolving, so you will need to keep abreast of the latest threats, vulnerabilities, mitigation techniques, and new technologies. This may involve attending training courses, reading industry publications, and participating in conferences.
Working with others: You will work closely with security professionals and governance team to educate colleagues on security best practices and raising awareness of potential threats.
Qualifications
Good degree in Information Systems/Technology, Computer Engineering, Computer Science, Information and Communications Technology (ICT) or related field.
Preferably candidates with CISSP, CISA, CISM, CompTIA Security+ or equivalent professional certifications.
Preferably candidates with a solid knowledge of cybersecurity principles and best practices, and ideally have at least 5 years of relevant work experience managing contractors and designing cybersecurity solutions to meet guidelines and standards.
Experience in preparing tender specifications for vulnerability assessment, penetration testing, and creating SOPs for security incident response.
Proficiency in security tools, logs extraction methods and technologies
Has a curious mind to proactively detect potential cyber threats and develop measures to address them
Excellent analytical and problem-solving skills
Strong communication and collaboration skills
Ability to work independently and as part of a team
We invite you to apply if you are an enthusiastic and security-aware individual with a passion for cybersecurity
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Airlines and Aviation, Aviation and Aerospace Component Manufacturing, and Travel Arrangements
#J-18808-Ljbffr