IT Security Engineer

Location: Singapore, Singapore

We are ground breaking new digital technologies such as 4G mobile communications, cryptography, cloud computing and big data for use in physical protection systems, and critical information systems.

Thales today employs over 2,100 people in Singapore across all its business areas.

The Opportunity:

As an agile information security expert, you will also participate in the implementation of critical project security work packages.

Hence you will be expected to:

• Act as the security ‘partner’ of the agile project teams, for all question related to information security
• Contribute to information security strategy and agile security process improvement
• Ensuring fundamental requirements or state of art of specialty engineering is considered for solution element or component design and development.
• Contributing to formalization and implementation of allocated requirements to solution elements or components, to their interfaces and their verification criteria.
• Participates in solution integration and verifies that solution meets specialty requirements.

Responsibilities:

• Understand the security requirements and provide support for IT Security work packages in bids and projects
• Provide security consultancy to internal teams on their project’s/business opportunity’s security needs
• Perform security risk assessment for projects and systems and recommend appropriate mitigation measures
• Act as the technical point of contact on security matters for customers, responding to their queries and providing appropriate solutions
• Work with internal and external teams to successfully implement proposed security solutions such as host-based endpoint protection, network firewalls, SIEM, 2FA
• Perform security audit or review of a system to highlight gaps in security compliance
• Support projects’ service teams in daily operations for security such as firewall administration, OS patching, and managing security incidents

Requirements:

• Degree in Information Technology / Computer Science or equivalent
• Minimum five years’ experience in the IT Security domain
• Minimum 5 years of working experience in at least 2 of the following domains: (Application security, Network security, System security, Data security and/or Cloud security)
• Experience in securing large and critical systems is an added advantage
• Ability to work alone and in a team
• Good communicator and able to build mutually beneficial relationships with customers, partners and internal teams
• Readiness to work under time pressure and be able to adapt quickly to project demands

Technical skills:

• Technical hands-on expertise in firewalls, IDS/IPS, AV, IAM, or PIM preferred
• Strong knowledge of TCP/IP and network protocols, mobile technologies or virtualization will be advantageous
• Able to write simple shell scripts or Python/Perl scripts for security administration tasks
• Experience in secure system will be advantageous
• Good knowledge/experience in major Security Standards and Guidelines (ISO 27001, NIST, Common Criteria and/or IEC 62443).

Professional Qualifications:

• An internationally recognised professional security certification such as Certified Information Security Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) is a must and OSSTMM Professional Security Tester (OPST) and/or CREST Practitioner Security Analyst (CPSA) is good to have.

Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!