Information Security Engineer

Company Brief

SPTel - a Joint Venture between ST Engineering and Singapore Power Group to deliver true network diversity and agility for a Smart Nation.

Offering high-value products and innovative services, SPTel plays an important role to enterprises accelerate their digital journey, We aim to improve the way people, places, and things, connect with each other by providing network infrastructure, enabling technologies, and building ecosystems.

With our fibre network topology built alongside the power network cables, SPTel provides a differentiated design and diverse network solution for discerning organizations and mission-critical businesses.

Job Brief

You will be responsible for designing and deploying Infrastructure network security solutions and Managed Security solutions for our enterprise customers.You will work with a team of security professionals and together, build up Corporate’s Cybersecurity practice. As a project owner, you must be responsible for all technical project deliverables and see your project through from start to finish.

This rewarding role will best suit someone with network experience and the ability to work closely with our engineers to deliver large scale network solutions.

Responsibilities:

• Part of Cybersecurity Team to plan, design and build security defences to protect corporate’s, Telcom Infrastructure and SPTel’s customers’ networks.
• Be the subject matter expert during a cybersecurity incident, work with stakeholders for cyber forensic, prepare the incident report to management.
• Conduct Vulnerability and Risk Assessments of Corporate’s corporate and Telco network, manage deviation approval processes.
• Response to Threat Intelligence alerts and keep abreast of new cybersecurity threats.
• Support and Maintain Corporate’s Cybersecurity assets.
• Implement InfoSecurity Policies for Corporate and Cybersecurity systems.
• Build cybersecurity awareness and capabilities in Corporate.
• Support company ISMS and Cyber Incident Response Team.
• Conduct company-wide Table-top Cybersecurity exercise and Simulation regularly.
• Support regulatory compliance monitoring and reporting.
• Manage and support cybersecurity related projects.
• Be the system owner for security systems and appliances including Firewall, N-IPS, H-IPS, Anti-DDoS system, Server protection and Endpoint protection systems, PAM, Active Directory, TACACS, etc. Prepare MOP and raise Change Requests for system changes, eg. System upgrades, patching, bug fixes.
• Translate and Implement Managed Security Services Solutions according to Product Specifications.
• Conduct POC Testing and technical evaluation for new cybersecurity solutions.
• Support the Ops Centre and Tech Ops staffs in Cyber related investigation and trouble-shooting.
• Create Standard Operating Procedures (SOP) for cybersecurity product offerings.
• Create Cyber incidents playbooks and Hardening baseline, review and update regularly.
• Any other ad-hoc duties as assigned by superior from time to time.

Role Requirements:

• 3-10 years of experience in IT or Telecommunication Sectors.
• Minimum 2 years of experience in any Cybersecurity Domains.
• Knowledge of vulnerability scoring systems (e.g. CVSSv3, CVSSv4)
• Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions.
• Ability to handle large datasets and perform vulnerability analysis, experience on vulnerability management tools is a plus.
• Ability to work alongside other security functions to determine vulnerability scoring and impact.
• Good understand application protocols in context of OSI network layers and technologies not limited to NGFW, WAF, Anti-DDOS, IPS, IDS and etc.
• Good understanding of encryption and tunnelling protocols (IPsec, SSL VPN, TLS, IKE, IKEv2, etc.)
• Professional Certifications such as CEH, CISSP, CCSP, SSCP, CRISC, GCIH, GSEC or equivalent will be an advantage.
• Candidates with Hands-on experience in security products or security domains (security monitoring, incident handling, vulnerability management and etc) will be an added advantage.
• Have a deep and strong knowledge of networking – switching, dynamic routing protocols, static and rule-based routing, etc. Certificate in any networking area is a plus.
• Good analytical, problem and critical thinking skills
• Good oral and written communication skills
• Ability to work collaboratively with cross-function teams. Enjoy working with different stakeholders to achieve desire outcomes.