Cyber Security Engineer
ST Engineering Group · Singapore, Singapore
Engineering Services · 10,001+ employees
About the role
The role is responsible for maintaining the security of classified computers and systems through log reviews, risk assessments, and incident management. It also involves conducting compliance audits, managing vulnerabilities, and enforcing data security policies.
What they look for
Requirements
Candidates must possess at least one professional cybersecurity certification such as CISSP, CISM, CISA, or ISO 27001. Proficiency in security administration and compliance frameworks is required.
Full description
Job Description:
Responsible for the following roles & responsibilities (but not limited to the following), covering primarily all N2 and N3 computers and systems in the company:
- Perform Log Review on classified computers and systems.
- Perform Change Management and maintain records for audit purposes.
- Conduct Cyber Risk Assessment on classified computers & systems.
- Handle and follow up on Cyber Security Incident Management.
- Conduct Cyber hygiene awareness & education for computer users.
- Conduct internal and support external Cyber Security Compliance Audits
- Ensuring adherence to internal security policies, IT governance frameworks, and compliance controls.
- Track and remediate vulnerabilities, ensuring computers and system meet security patching and compliance standards.
- Conduct Vulnerability Management (VA Scanning) on classified network computers and systems.
- Enforce Data Security and Encryption requirements on classified computers and systems.
- Formalize and archival of network security processes & flows, develop SOPs for compliance.
- Implement GPOs to maintain Secured Configurations to prevent breaches
- Daily basic cyber security operation and maintenance.
- Conduct security audits and prepared reports, highlighting areas for improvement.
- Coordinate and supporting external audits, risk assessments, and regulatory submissions.
- Assist with implementation of security standards aligned to MSD, GISO, IT and other relevant authorities’ frameworks.
Job Requirements to have 1 or more of the following certifications:
- CSSA+ — Cyber Security System Administration (cum CEH / ComTia Security+ within 6 months of appointment)
- CISA — Certified Information Systems Auditor
- CISM — Certified Information Security Manager
- ISO 27001 – Internal Audit — ISO/IEC 27001 Information Security Management Systems (ISMS) Internal Auditor.
- ISO 27001 – Lead Implementer — ISO/IEC 27001 Information Security Management Systems (ISMS) Lead Implementer.
- CISSP — Certified Information Systems Security Professional.
- GCIH - GIAC Certified Incident Handler