Senior IT Security Engineer

Location: Singapore, Singapore

Thales is a global technology leader trusted by governments, institutions, and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation, our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of aerospace and space, cybersecurity and digital identity, we're driven by a mission to build a future we can all trust.

In Singapore, Thales has been a trusted partner since 1973, originally focused on aerospace activities in the Asia-Pacific region. With 2,000 employees across three local sites, we deliver cutting-edge solutions across aerospace (including air traffic management), defence and security, and digital identity and cybersecurity sectors. Together, we're shaping the future by enabling customers to make pivotal decisions that safeguard communities and power progress.

The Opportunity:

The Security Engineer helps to ensure the compliance of Thales's solution to the "cyber-secured by design" motto. As such he/she will assist the Head Systems/IT Security in the implementation of security measures designed for Thales' solutions. He/She may be tasked to oversee the design of security implementation relevant to his/her domain of expertise. He/She will also be required to provide guidance on the appropriate security solutions to use for tender proposals, and support bid managers in addressing the cyber-security concerns of their potential business leads. As an agile information security expert, you will also participate in the implementation of critical project security work packages.

Hence you will be expected to:

• Act as the security 'partner' of the agile project teams, for all question related to information security
• Contribute to information security strategy and agile security process improvement
• Ensuring fundamental requirements or state of art of specialty engineering is considered for solution element or component design and development.
• Contributing to formalization and implementation of allocated requirements to solution elements or components, to their interfaces and their verification criteria.
• Participates in solution integration and verifies that solution meets specialty requirements.

Responsibilities:

• Understand the security requirements and provide support for IT Security work packages in bids and projects
• Provide security consultancy to internal teams on their project's/business opportunity's security needs
• Perform security risk assessment for projects and systems and recommend appropriate mitigation measures
• Act as the technical point of contact on security matters for customers, responding to their queries and providing appropriate solutions
• Work with internal and external teams to successfully implement proposed security solutions such as host-based endpoint protection, network firewalls, SIEM, 2FA
• Perform security audit or review of a system to highlight gaps in security compliance
• Support projects' service teams in daily operations for security such as firewall administration, OS patching, and managing security incidents

Requirements:

• Degree in Information Technology / Computer Science or equivalent
• Minimum five years' experience in the IT Security domain
• Minimum 5 years of working experience in at least 2 of the following domains: (Application security, Network security, System security, Data security and/or Cloud security)
• Experience in securing large and critical systems is an added advantage
• Ability to work alone and in a team
• Good communicator and able to build mutually beneficial relationships with customers, partners and internal teams
• Readiness to work under time pressure and be able to adapt quickly to project demands

Technical skills:

• Technical hands-on expertise in firewalls, IDS/IPS, AV, IAM, or PIM preferred
• Strong knowledge of TCP/IP and network protocols, mobile technologies or virtualization will be advantageous
• Able to write simple shell scripts or Python/Perl scripts for security administration tasks
• Experience in secure system will be advantageous
• Good knowledge/experience in major Security Standards and Guidelines (ISO 27001, NIST, Common Criteria and/or IEC

Professional Qualifications:

• An internationally recognised professional security certification such as Certified Information Security Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) is a must and OSSTMM Professional Security Tester (OPST) and/or CREST Practitioner Security Analyst (CPSA) is good to have.

At Thales, we're committed to fostering a workplace where respect, trust, collaboration, and passion drive everything we do. Here, you'll feel empowered to bring your best self, thrive in a supportive culture, and love the work you do. Join us, and be part of a team reimagining technology to create solutions that truly make a difference – for a safer, greener, and more inclusive world.