DevOps Engineer - Singapore - Ensign InfoSecurity

Ensign InfoSecurity

Verified Company

Singapore

1 week ago

Posted by:

Wei Jie

beBee Recruiter

Description

Ensign is hiring

Job Description Summary

Our Security Solutions team works closely with other security engineers to deliver security solutions to the project for our customers.

You will play a part in the team to research, design, architect and implement security solutions such as SIEM and SOAR, etc.

Responsibilities:

Conduct implementation, maintenance, support and operation of the project's solution platforms
Build and maintain a cloud infrastructure architecture aligning security, compliance, performance, and resilience
Identity, evaluate and recommend new technologies/tools that can improve the security, resiliency and operational efficiency of the platform.
Perform day to day operational task, scheduled change requests, troubleshooting and maintenance of the implementation
Onboard and maintain log sources
Crafting and maintaining log parsers / data flow for onboarded logs
Management of SOC systems (including but not limited to SIEM, SOAR, Threat Intel, etc)
Develop and maintain automation infrastructure for build and maintenance of solutions and to streamline manual operation tasks
Management of solutions, including patch management
Support vulnerability assessments by reviewing and providing remediation to the security hardening of the solutions.
Involvement in improving and evolving workflow, processes and best practices to increase system maintenance efficiency and security standards.
Sharing of knowledge through technical documentation, knowledgebased articles and sharing sessions with fellow peers in the team
Collaborate with relevant parties and provide consultation as a Subject Matter Expert (SME) to deliver final project outcome
Assess architectures and designs for security vulnerabilities; propose and build implementable alternatives
Build and maintain monitoring, auditing, and reporting frameworks that produces artifacts that support security and compliance needs
Proactively manage stakeholder communication related to deliverables, risks, changes, and dependencies

Requirements:

Possess the following work experience:

At least 3 years of experience in AWS, Azure and/or GCP, implementing, administrating and managing cloud network and resources (e.g., AWS EC2, IAM, CloudWatch, CloudTrail, Config, Lambda, Security Groups, WAF, Guard Duty, Inspector, Kinesis Data Firehose)
At least 2 years of experience in Windows and RedHat Enterprise Linux configuration and troubleshooting
Working experience in PowerShell, bash and/or python scripting, objectoriented languages, and web programming
Working experience in DevOps/DevSecOps, CI/CD, Ansible, Terraform or equivalent
Strong troubleshooting and analytical skills for resolving issues and delivering updates to stakeholders
Basic project management skills
Disciplines in Computer Science, Computer or Electronics Engineering, Information Technology or related qualifications
Demonstrated capacity to learn independently with mínimal guidance on new technologies
Demonstrate good verbal and written communication skills
Strong awareness of data security, data governance and performance, with an ability to deliver these key nonfunctional requirements

In possession of:

Positive working attitude and a team player
Passionate in information security and keen attitude to learn
Possession of critical thinking and contextual analysis abilities
Professional certificates such as AWS Certified SysOps Administrator,

Microsoft Certified:
Azure Administrator Associate, Google Cloud Associate Cloud Engineer, equivalent or more

Preferred Skills / Qualities

Preferably possess any of the following:

Professional certificates in Security, RedHat, MCSE, or equivalent would be an advantage
Working experience in network firewalls and web proxies would be an advantage
Working knowledge of Rest API is preferred
Professional certificates such as SIEM Certified Administrator, SIEM Certified Architect, SOAR Certified Administrator, or equivalent would be an advantage
Professional certificates such as SANS or ISC2 would be an advantage