Senior Application Security Engineer

**Date Posted**: 2021-09-30-07:00 **Country**: Singapore **Location**: 39 Changi North Crescent, Singapore **Position Title**: Senior Application Engineer Engineer **Position Grade**: P3/ P4 **Department**: Innovation Hub Singapore **Review by** Bonar Asido Sihombing **Job Summary** (Description of general purpose of the job) We are looking for an Application Cyber Security Analyst/ Engineer with some Network Engineering background to be part of Collins Singapore Innovation Hub team. The resource will work with digital and automation solution development team, to assess the security aspect of the IT and OT solution within the organization’s Industry 4.0 digital solution ecosystem, explore, research and recommend secure design and mitigation steps, as well as support solution proof of concept, piloting and implementation of new technology. **Roles and** **Responsibilities** position) - Develop functional, interface and technical specifications for software and hardware for security assessment. - Drive DevSec platform and practices for Digital Innovation Hub team such as version control system, static and dynamic code scanning. - Contribute to architecturally significant requirements and technical risk area identification. - Support testing for products system integration, to ensure security compliance. - Serve in a design quality role (systems) helping to assure that development teams observe Secure Software Development practices. - Keep updated about the latest threat, IT security technology and adherence guidelines and reflect existing and coming security solutions. **Competencies** (Essential competencies required for this position) Selection at least 3 and max 5 Rank by importance (1 being most important) **Type of Competencies** **Rank** Adaptability 2 Analytical Skills 4 Business Judgment Communication 3 Customer Focus Developing Talent Focus on Results 1 Forward Thinking Listening Strategic Leadership Teamwork **Dimension and** **Scope** (Describe how the position fits into the organization as a whole as well as the level of accountability) Supervisory responsibility: (if any) No Budgetary Responsibility: Yes / No Yes Other financial metrics impacted by this position (eg. Revenue, bookings, etc) No **Qualification and** **Education** **Requirements**: Minimum Education required (specific field or equivalent): - Degree in Computer Science/ Computer Engineering/Information technology. - A passion for ongoing management of a Secure Software Development Life Cycle Minimum years of experience in role: - Experience with Application Development and Software Assurance in a highly regulated industry - Technical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferred - Strong understanding in cybersecurity risks and controls, vulnerability assessment, endpoint security solutions, managed security service, cloud security. - Good knowledge in one or multiple areas such as Windows, UNIX, mid-range, firewalls, intrusion detection, threat detection analysis, and/or information risk management. - Knowledge of local and global compliance standards and guideline (e.g. PDPA, PCI, SOX, HIPAA, NIST, MITRE ATT&CK, OWASP). - Good knowledge of performing routing protocols (MPLS, HAIPE/IP, QOS and WAN). - Good knowledge of performing secure configuration on network assets, e.g. Firewall, Gateway devices, Switches, NAT, Domain controller, encryption certificate, etc. - Strategic security certifications (e.g. CISSP, CISM) is desirable - Independent thinking, willingness to \"step outside the box\" and take reasonable, calculated risks. - Passionate and lean towards Innovation, exploration of new way of reducing new technology security risk to the minimum. - Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources. - Experience with working on global teams across time zones, cultures and languages. Preferred Skills (if any): - Demonstrated Excellent level of analytical ability, communication and interpersonal skills required to build relationships with team members to solve problems and resolve issues. - Experience with Application Development and Software Assurance in a highly regulated industry - Technical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferred **General role in supporting ACE, EH&S, Ethics &** **Compliance and** **Quality initiatives** **ACE**: - Support the Continuous Improvement programs and ACE activities within the company - Minimum ACE Associate certification under ACP **EH&S**: - Support and participate in the EH&S programs and activities within the company - Report all incidents (injuries, illnesses, near misses, spills etc), hazardous conditions, and emergencies to his/her s