Senior/ Principal Cybersecurity Engineer

PURPOSE

The role entails managing the security of the company's IT and 5G networks by ensuring the infrastructure is adequately protected through the adherence and implementation of regulatory and industry best practices, identifying and mitigating risks through the establishment of robust security policies and controls.

MAJOR DUTIES AND RESPONSIBILITIES OF THE SENIOR/ PRINCIPAL CYBERSECURITY ENGINEER (OPERATIONS & GOVERNANCE)

1. Information Security Management Expertise:

• Serve as the primary expert for security systems, offering deep technical knowledge and leadership.
• Champion innovative cybersecurity solutions and initiatives to strengthen organizational defenses.
• Provide strategic guidance and oversight to external vendors, ensuring adherence to SLAs and KPIs.
• Mentor and guide junior team members, fostering skill development and knowledge sharing within the security team.
• A leadership role that requires technical proficiency demonstrated in multiple cybersecurity domains. The role demands knowledge and/or practical experience in most of the domains below:

Cybersecurity governance frameworks, security operations including incident response, security architecture design, threat risk assessment and security testing. To possess technical understanding of both on-premises infrastructure security and cloud security architectures across major platforms (e.g., AWS, Azure, and GCP), including their native security features, identity management systems, and security control implementations.

2. Cybersecurity Operations and Governance:

• Manage and monitor security tools, systems and to detect and respond to potential security threats or suspicious activities.
• Continual development, configuration and fine tuning of existing policies, security configurations on the various security systems such as firewalls, IAM, PAM, SIEM, SOAR, XDR/EDR anti-virus software, MDM/MAM and other security-related software and hardware.
• Develop and assess of security controls in the various security systems, such as firewalls, IAM, PAM, SIEM, SOAR, XDR/EDR anti-virus software, MDM/MAM and other security-related software and hardware.
• Lead and collaborate with vendors, internal/external partners to ensure the organization's security posture is maintained and plan for improvements. Provide advisory and recommendations on appropriate cybersecurity technologies to be deployed taking into account the organization's needs, resources and regulatory requirements.
• Contribute to the development and execution of an effective cybersecurity awareness programme in collaboration with external parties e.g. MNOs, vendors, regulatory etc, that adheres to regulatory requirements
• Design and implement security processes and protocols, ensuring alignment with organizational security goals, objectives, industry benchmarks and best practices, and regulatory requirements.
• Formulate and lead the development of comprehensive cybersecurity strategies in line with global best practices and industry benchmarks e.g. IMDA TCS, CSA, CIS, NIST, ISO27001.
• Govern and enhance security posture by maintaining visibility and oversight of assets, security architectures, and cybersecurity operations code of practices.
• Develop and maintain incident response plans and playbooks. This involves planning, designing and conducting security incident response workshops and exercises (table-top exercises, simulation and drills) as well as leading the investigation and management of security incidents. Define and track corrective actions.
• Manage vulnerability identification and remediation efforts, working closely with vendors and business units within organizations to ensure mitigation strategies are timely and effective.
• Manage and develop risk management processes and act as the security risk owner for the organization.

3. Incident Management, Threat Intelligence and Analysis:

• Develop and enhance incident response plans in collaboration with internal/external stakeholders, ensuring readiness for a broad range of potential threats.
• Coordinate and conduct regular response drills, including red and blue teaming exercises, to ensure the organization is equipped to handle real-world cyber incidents.
• Act as an escalation point for incidents, providing expert guidance and ensuring a rapid, coordinated response.
• Coordinate and respond to security incidents, ensuring proper incident management and response protocols are followed,
• Provide on-time accurate reporting to senior management and relevant stakeholders (internal/external) during an incident.
• Ensure that the incident management process adheres to industry best practices and regulatory requirements.
• Take the lead in incident response, investigations, managing response efforts with a clear focus on minimizing business impact, restoring operations and regulatory reporting requirements.
• Lead threat modelling and threat hunting efforts, conduct risk assessments to address emerging threats and evolving attack techniques in collaboration with vendors.
• Develop and maintain cyber incident response playbooks and ensure continual enhancements and relevance.

4. Project Delivery and Management:

• Initiate and oversee IT and network security projects to ensure robust protection and operational efficiency in collaboration with vendors and in-house teams.
• Strategize, plan, and execute infrastructure security initiatives, aligning with organizational goals.
• Administer and optimize centralized security platform tools for streamlined operations.
• Monitor progress, track milestones, and ensure timely completion of project deliverables within budget.

5. Technical Experiences:

• Work with technologies such as Firewalls (Palo Alto, Fortinet, Checkpoint), Cisco, F5 load balancers, routers, switches, virtualization platforms (VMware, RedHat), IAM/PAM, SOAR, EDR/XDR, SIEM, and TIP.
• Implement Network Access Control (NAC), Firewall rules and VPN solutions.
• Manage network security for on-premises and cloud environments.
• Implement encryption technologies and protocols.
• Digital Forensics.
• Prepare procedures for upgrading/patching security infrastructure.
• Maintain and develop technical documentation.

JOB REQUIREMENTS AND PREFFERED QUALIFICATIONS

• Degree in IT, Computer Science, Information Technology, or related fields.
• At least 8 to 10 years of relevant information security experience.
• Minimum 5 years of experience as a technical lead in security projects.
• Experience in domains of Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence, or Vulnerability Management preferred.
• Good understanding of security protocols, cryptography, authentication, and authorization.
• Strong knowledge in Networking, Firewalls, VMWare, Kubernetes, Load balancers, Active Directory, Windows, LINUX platforms, and MITRE framework.
• Experience in network solutioning, operations, project management and implementation.
• Professional information security certification preferred (e.g. CompTIA Security+, CISSP, CISA, CISM)
• Understanding of IMDA Telecommunications Cybersecurity Code of Practice (TCS Code), Singapore Cybersecurity Act 2018, CSA CCoP, ISO 27001, NIST, and CIS.
• Prior experience in telecommunications infrastructure would be advantageous.
• Strong understanding of MITRE ATT&CK and ICS MITRE frameworks
• Excellent interpersonal, presentation, writing, and communication skills.
• Highly motivated, willing to learn new technologies, and able to work under pressure.
• Team player with the ability to work independently.

Commitment to Equal Employment Opportunity

Antina is a company driven by ability, performance, and hard work. We adopt fair employment practices and employment decisions will be based on merit, qualifications and abilities. Antina does not discriminate in employment opportunities or practices on the basis of race, colour, religion, sex, sexuality, national origin, age, disability, marital status or any other characteristics protected by law.