Cybersecurity Engineer

Overview Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of GovTech. ATS offers a comprehensive suite of products and services including infrastructure and operational services, governance and assurance services, and managed processes. ATS collaborates with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures. Responsibilities As part of the team, you will develop and maintain cybersecurity standards, procedures, configurations or rulesets for the systems and services. For validation of security procedures, you will conduct security exercises which may include table-top or simulation exercises. Participate in security incident response that includes understanding alerts, coordination with various system or service operators, identifying potential threats and performing basic triaging prior to escalation to next level security responder. Coordinate in Indicators-Of-Compromise (IOC) scanning, collating the reports from various system operators with consolidated update to the stakeholders. Perform vulnerability assessment using automated and manual tools with recommendation for actionable remediation controls. Understand the published vulnerabilities with their respective security patches with context to the deployed system and perform risk assessment onto them. Monitor and notify security patches releases for the various products. Involve in the security patch assessment rating based on standards like Common Vulnerability Scoring System (CVSS) as well as with the context of the deployed environment. Engage with stakeholders with presentation or reporting on the vulnerability scanning results, security testing results, security incident or security posture of the systems. Requirements Knowledgeable in cyber security principles, operational security management techniques, architecture and designs, cybersecurity attributes (e.g. confidentiality, integrity, availability, accountability, assurance, etc.) and security measures (e.g. authentication, authorisation etc.) for applications in an enterprise environment or setup Possess more than 5 years\' working experience on cybersecurity in one or more of the following domains: Network security design, applications secure development, cryptography, mobile management, cloud hosting design and implementation, DevSecOps, etc Possess security certifications such as SANS GCIH, CISSP, CISM, AWS or any cloud service security specialty is an added advantage Knowledgeable on cyber security technologies (SIEM, VMS, CTEM, VA, GRC and Cloud Security toolsets)Experience in risk assessment on system, network, application cloud security vulnerabilities, misconfigurations and security patches with technical understanding on their mitigation Has understanding of vulnerability assessment, penetration testing report, conduct a full impact of identified and reported vulnerabilities, recommend, and conduct remediation and mitigation Experience in understanding alerts, identifying potential threats and performing basic triaging prior to escalation to next level security responder. Has good interpersonal and stakeholder management skills with presentation skills, and the ability to write clearly, concisely, and within context. Experience in working with cross-functional, multi-disciplinary teams or contractors to formulate and institute security policies, standards, procedures and configurations Benefits A wholly-owned subsidiary of GovTech An attractive yearly training budget with annual performance bonus Contract Staff enjoys the same benefits as Permanent Employees Details Seniority level Mid-Senior level Employment type Contract Job function Information Technology Industries IT Services and IT Consulting #J-18808-Ljbffr