Cybersecurity System Engineer

ABOUT AMS The Airspace Mobility Solutions (AMS) business, part of the Global Business Unit Land and Air Systems, is providing leading edge Air Traffic Management (ATM), Unmanned Traffic Management (UTM), Security and Digital Aviation solutions for the Commercial and Defence sectors.The AMS business manages 11% of the world's airspace and with revenues of over 500 million Euros worldwide, is the global market leader in airspace management solutions. In Singapore, the business focus is the delivery and support of two key ATM solutions including TopSKY-ATC(HE) and LORADS-III.ROLE DESCRIPTION SUMMARY The Cybersecurity System Engineer contributes to the development, application and assessment of the Security controls to AMS Systems, including Products, Projects for delivery to the customer and internal systems.The Cybersecurity System Engineer is under the supervision of the Project Security Manager (PSecM) and Squad Scrum Master.KEY ACTIVITIES AND RESPONSIBILITIES As aCybersecurity System Engineer, you are accountable for: The Cybersecurity System Engineer contributes to the development, application and assessment of the Security controls to AMS Systems, including Products, Projects for delivery to the customer and internal systems.The Cybersecurity System Engineer is under the supervision of the Project Security Manager (PSecM) and Squad Scrum Master.KEY KNOWLEDGE AND EXPERIENCE To be successful in your role, you will have demonstrated and/or acquired the following knowledge and experience: RESPONSIBILITIES: • Contribute to and lead where assigned to the design and development of solutions to meet customer requirements, whilst ensuring the alignment with the cybersecurity program• Contribute to and lead where assigned the definition of solutions that deliver the best trade-off between requirements, cost, schedule and risk satisfying our customer needs• Coordinate with internal stakeholders, advising on security controls and processes / procedures• Develop or update the relevant cybersecurity documentation development such as:o Statement of Applicabilityo Security requirements and associated designo Security Incident Response Plano System Security Plano Standard Security Operational Procedures• Contribute to Engineering Change Proposals (ECPs) and Problem Change Requests (PCRs)• Participate and lead technical reviews and working groups as required• Provide leadership of security control implementation and monitoring• Conduct periodic reviews of the implemented security configuration to align with selected security framework(s)• Perform Vulnerability Assessments by the conduct of regular vulnerability scans and cyber security audits Generate Vulnerability report with recommendation in project context - Relying on the PSIRT team. Support security patch management Lead where assigned the integration and verification of security controls Lead where assigned the application and operation of procedural and technical security controls • Contribute to cybersecurity test campaigns• Contribute to Security risk assessments• Deliver fundamental-level cyber security training in an accessible, easy-to-understand manner• Promote knowledge sharing ensuring that work is captured sufficiently for re-use across projects• Follow Thales processes and practises and contribute to their improvementKnowledge, Skills & Experience Qualifications Degree in Engineering, Computer Science or related discipline majoring in Cybersecurity • Postgraduate studies in Cybersecurity (Desirable)Essential Experience • 5+ years of proven experience in the Cybersecurity field• Strong knowledge in Cybersecurity solutions (e.g. IAM, PAM, SIEM, EDR, Keys, Firewall)• Strong knowledge in Cybersecurity engineering activities• Knowledge of Systems Engineering Lifecycle and relevant standards eg. ISO/IEC15288• Demonstrated ability to achieve effective outcomes in a multidiscipline, multi-culture environment• A positive attitude combined with excellent interpersonal and motivational skills.• Sound judgement and independent decision-making capability where necessaryDesirable: Industry qualifications, such as CISSP • Experience in system hardening and hardening review based on CIS Benchmarks or DISA STIG frameworks.• Knowledge of ISO 27001 foundational requirements.Experience in country security regulations (e.g. CCOP and IM(ICT&SS) for Singapore)• Experience in ATM Domain and related standards eg. ICAO, Eurocontrol , or safety critical systems.• Experience in System Engineering tools eg. DOORs, Polarian, Jira• Experience in vulnerability management and threat modeling• Experience in working in a Scaled Agile Framework (SAFe)General / Special Requirements • Assist in ensuring a harmonious work environment in all departments that you are working with by upholding Thales' key values.• An advocate for diversity and inclusion who will be actively involved in implementing change initiatives to achieve our diversity goals• An advocate for a culture of continuous improvement• An advocate for Accountability, transparency and curiosity• Comply with all relevant company Occupational Health, Safety and Environmental policies and framework and work practices with the intent of preventing or minimising accidental exposures to self, colleagues, visitors and/or the environment and to ensure a safe work practises at all times.• Comply with all relevant Company policies and procedures.SPECIAL REQUIREMENTS • Occasional international travel may be required• Singapore CAT2 Clearance may be required