Engineer (System Security) - Singapore - Thales

Thales
Thales
Verified Company
Singapore

5 days ago

Wei Jie

Posted by:

Wei Jie

beBee Recruiter
Description

Location:
Singapore, Singapore

Thales people architect solutions at the heart of the defence-security continuum.

Interoperable and secure information and telecommunications systems for defence, security, and civil operators, are based upon innovative use of radiocommunications, networks, and cybersecurity.

We are ground breaking new digital technologies such as 4G mobile communications, cryptography, cloud computing and big data for use in physical protection systems, and critical information systems.

Thales established its presence in Singapore in 1973 to support the expansion of aerospace-related activities in the Asia-Pacific region.

Throughout the last four decades, the company grew from strength to strength and is today involved in the primary businesses of Aerospace (including Air Traffic Management), Defence & Security, Ground Transportation and Digital Identity & Security.

Thales today employs over 2,100 people in Singapore across all its business areas.


Job Summary


You will be looking after the governance of the infrastructure and systems for mission-critical Command and Control (C2) system that Thales Solutions Asia (TSA) have developed for government agency.

You will be part of a team to manage the security of system, to ensure the system adhere to the security policies, and is well protected from any threats, risks or exploits.


Job Duties
Provide security expertise and management services to support Authority in activities such as:

  • Internal / external audits (IM8, Cybersecurity, etc)
  • Policies compliance (IM8, Cybersecurity, etc), work with vendor on:
  • Vulnerability management compliance reports and patch reports
  • Filing of documents and Security Scorecard for audit purpose, to produce it as required
  • Monthly logs review. E.g., privilege user activities
  • Vulnerability/ Compliance Assessments
  • Penetration Tests and Source Code Reviews
  • Disaster Recovery (DR) and Business Continuity Planning (BCP):
  • All relevant activities related to the DR and BCP planning
  • Checks on system backup completion by vendor and datacentre
  • Document update and implementations.
  • ICT/Threat Risk Assessments (TRA)
  • Monthly reviews of privileged accounts and nonprivileged account, disable inactive accounts
  • Seek security waivers (IM8, Cybersecurity Act, Circulars etc)
  • Circulate security notifications/alerts to vendors and ensure status updates too all stakeholders including cybersecurity centre
  • Security monitoring/tracking:
  • Monitor alerts from SOC
  • Update stakeholders regarding SOC alerts
  • Review compliance reports with vendors to ensure that system is compliant
  • Manage, track and update any security incidents/ issues to all stakeholders
  • Review Incident Report (if any)
  • Patching:
  • Ensure patches are tested and verified before seeking approval for patching downtime
  • Communicate system downtime to all stakeholders
  • Ensure system availability after patching is completed
  • Obsolescence management for software licenses, hardware, operating systems and certificates
  • Security enhancement/ integration
  • Support the submission of security clearance for related vendors
  • Perform other related duties as assigned or requested

Job Requirements

  • Working hours will be 0830 hrs to 1800 hrs (for Monday to Thursday) and 0830 hrs to 1730hrs (for Friday), excluding weekends and Public Holidays
  • Able to cope in a highly pressured fastpaced environment
  • Prior working experience in cyber security and vulnerability management is preferred
  • Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls
  • Able to understand security posture of systems
  • Prior working experience in Project Management is a plus point
  • Able to understand the system and software architecture, and user operations environment
  • Willingness to pick up any new technologies

Education
Diploma or Bachelor's Degree in Cybersecurity/ InfoSec/ Information Technology / Information Systems / Business IT or its equivalent
Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications


Experience
Minimally 1-2 years of experience in cybersecurity and supporting mission critical systems with very stringent SLA e.g. 99.9%
Well-versed in cybersecurity best practices and establishing of its policies
Well-versed in IT Service Management (ITSM) standards, processes, guidelines and best practices
More jobs from Thales
See all jobs of Thales