Job ResponsibilityInformation Security Operation Engineer
KEY ACCOUNTABILITIES
o Responsible and support the daily security operation tasks related to Identity and access management control activities and user support, URL whitelisting, external storage access review, firewall rules review, privilege access control, endpoint security, vulnerability management and patching, Data Leakage Prevention tool alerts, Security Incident Response
o Maintain and update related security / standard operation procedures
o Support and coordinate on below security activities with Group Security, IT and business units:
Govern and coordinate the resolution of any vulnerability and compliance scanning issues reported / detected in IT Infrastructure across the region
Privileged Access Management (PAM) related activities including general advisory, logs review, periodic recertification, PID onboarding / offboarding etc
Application onboarding to Identity Access Management (IAM) workflow system
biannual user access recertification from end to end together with Group security annual penetration test exercise and findings remediation
firewall rule request review / approval, high risk rule remediation, annual firewall rule and network design review
Web URL & DLP whitelisting, alerts handling, logs and policy review
Endpoint security support, security agent deployment gap remediation and periodic review including anti-virus exclusion, URL whitelisting, USB / remote device security management, endpoint encryption
End-of-Life system / software remediation
Security incident management and response with Global SOC team, annual cyber drill related activities
Support compliance / audit exercises in providing supporting documents managed under security operation team
Monitor, tracking, provide status update and report on various security operation metrics / remediation status on abovementioned items
Support the team leader on monthly group regional Information Security team meeting and any assigned tasks related to regional security operations projects / initiatives implementation
Coordinate periodic security discussions with Group Security and business unit security teams / counterparts on key initiative updates, SecOps project implementation, issue tracking and resolution etc
Support the transfer and takeover of local business unit security operational tasks to Singapore regional team (where applicable).
Information Security Operation
EXPERIENCE / QUALIFICATIONS
o 6 - 12 years hands-on, broad-based information security experience with various security technologies/tools:
o Vulnerability and compliance scanning tool
o Endpoint Threat Detection & Response tool
o Anti-Virus solution
o Data Leakage Prevention (DLP) Tool
o Web proxy
o Identity and Access Management workflow management tool
o Privileged Identity Management tool
o Firewall policy management tool
o Experience with security alert and incident handling, security vulnerability remediation and follow up, Identity Access Management, a plus to have experience working on Security Operation Dashboard Reporting
o Good knowledge of IT infrastructure, network security technologies, information security, compliance controls, promote process efficiency
o A plus to have experience of working with teams spanning across multiple geographic regions
o Good communication, interpersonal skills and able to work independently with accountability over deliverables.
o A good team player, customer service mindset
o Can effectively navigate through a complex environment undergoing change and possess the willingness to get things done.
o Ability to deliver work within tight timescales
o Certified Information Systems Security Professional (CISSP), CISM and/or equivalent. (Desired)
Job RequirementsJob Benifits
