IT Security Engineer
SINGAPORE, Singapore
Thales
From Aerospace, Space, Defence to Security & Transportation, Thales helps its customers to create a safer world by giving them the tools they need to perform critical tasksThe Opportunity:
The Security Engineer helps to ensure the compliance of Thales’s solution to the "cyber-secured by design" motto. As such he/she will assist the Head Systems/IT Security in the implementation of security measures designed for Thales’ solutions. He/She may be tasked to oversee the design of security implementation relevant to his/her domain of expertise. He/She will also be required to provide guidance on the appropriate security solutions to use for tender proposals, and support bid managers in addressing the cyber-security concerns of their potential business leads. As an agile information security expert, you will also participate in the implementation of critical project security work packages.
Hence you will be expected to:
- Act as the security ‘partner’ of the agile project teams, for all question related to information security
- Contribute to information security strategy and agile security process improvement
- Ensuring fundamental requirements or state of art of specialty engineering is considered for solution element or component design and development.
- Contributing to formalization and implementation of allocated requirements to solution elements or components, to their interfaces and their verification criteria.
- Participates in solution integration and verifies that solution meets specialty requirements.
Responsibilities:
- Understand the security requirements and provide support for IT Security work packages in bids and projects
- Provide security consultancy to internal teams on their project’s/business opportunity’s security needs
- Perform security risk assessment for projects and systems and recommend appropriate mitigation measures
- Act as the technical point of contact on security matters for customers, responding to their queries and providing appropriate solutions
- Work with internal and external teams to successfully implement proposed security solutions such as host-based endpoint protection, network firewalls, SIEM, 2FA
- Perform security audit or review of a system to highlight gaps in security compliance
- Support projects’ service teams in daily operations for security such as firewall administration, OS patching, and managing security incidents
Requirements:
- Degree in Information Technology / Computer Science or equivalent
- Minimum five years’ experience in the IT Security domain
- Minimum 5 years of working experience in at least 2 of the following domains: (Application security, Network security, System security, Data security and/or Cloud security)
- Experience in securing large and critical systems is an added advantage
- Ability to work alone and in a team
- Good communicator and able to build mutually beneficial relationships with customers, partners and internal teams
- Readiness to work under time pressure and be able to adapt quickly to project demands
Technical skills:
- Technical hands-on expertise in firewalls, IDS/IPS, AV, IAM, or PIM preferred
- Strong knowledge of TCP/IP and network protocols, mobile technologies or virtualization will be advantageous
- Able to write simple shell scripts or Python/Perl scripts for security administration tasks
- Experience in secure system will be advantageous
- Good knowledge/experience in major Security Standards and Guidelines (ISO 27001, NIST, Common Criteria and/or IEC 62443).
Professional Qualifications:
- An internationally recognised professional security certification such as Certified Information Security Auditor (CISA) and/or Certified Information Systems Security Professional (CISSP) is a must and OSSTMM Professional Security Tester (OPST) and/or CREST Practitioner Security Analyst (CPSA) is good to have.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Big Data CISA CISSP Cloud Compliance Computer Science CREST Cryptography Firewalls IAM IDS IEC 62443 IPS ISO 27001 Network security NIST Perl Python Risk assessment Security strategy SIEM Strategy TCP/IP
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.