Systems Engineer/Senior Systems Engineer - Digital Solutions & Services

[What the role is]
The Systems Engineer/Senior Systems Engineer will serve as an internal consultant on information security, providing expert guidance and support in the following areas: Compliance and Governance, Security Consultancy, Risk Identification and Improvement, Policy Development and Communication, Implementation of Security Measures.

[What you will be working on]

• Act as a key member of the ICT Governance Team to ensure security governance, risk assessments, mitigations and acceptances are conducted for ICT systems/services, analyze key security metrics and take appropriate actions.
• Serve as an internal consultant on information security, providing expert guidance and support and ensuring security requirements are properly defined during procurement of ICT systems.
• Conduct policy compliance self-assessments and control measure security reviews to ensure adherence to processes and practices by relevant stakeholders and support regular ICT audits (including Third Party Management audits and exit contract audits).
• Manage the IT Risk and Third-Party Risk Registers, collaborating with relevant teams to assess and remediate ICT risks and vulnerabilities until closure.
• Design, plan, implement, and maintain a Zero-Trust, modern, and secure digital environment.
• Implement, manage, and monitor systems and processes that support ICT governance, risk, and security. This includes Threat Modelling, Identity and
• Access Management, Privileged Access Management, Certificate Management, Data Protection technologies, Vulnerability Management, Incident Management and security monitoring and compliance tools.
• Analyse, develop and communicate the technology deployment process, seek feedback from stakeholders and make continual improvement in the operations phase.
• Support the Agency Chief Information Security Officer (ACISO) in the design, planning, implementation and maintenance of a Zero-Trust, modern and secure digital environment.

[What we are looking for] 

• Relevant qualifications in Information Technology, Computer Science, Engineering (Computing/Telecommunications) or equivalent
• Possess a security related certification such CISSP, CISM or CISA
• Familiarity with Cybersecurity frameworks and best practices to secure an organization’s data and business operations
• At least 5 years of experience in managing IT-related projects and vendor management and familiar with systems/platforms such as Microsoft Azure, AWS, Windows and Linux OS and other technologies in areas such as Anti-virus, Remote Browser Isolation, Web Application Firewall, Database Activity Monitoring, Data Protection technologies, Vulnerability Management, automation tools and Privileged Identity Access Management (PIAM) tools
• Possess a security focused and a growth mindset
• Good analytical, problem-solving and interpersonal skills
• Ability to write and communicate effectively across a broad spectrum of users
• Self-motivated, keen learner, proactive and a team player

#LI-Hybrid