We are an established, progressive and forward-looking organization, and we are looking for motivated and innovative technology geeks for our growing teams. Engineering and solutions delivery aren’t for everyone but if you have what it takes to succeed, be the first to apply! We would like to chat with you about your calling and prospects!
- Serve as the subject matter expert (SME) on Cybersecurity for SAL.
- Lead and influence multi-disciplinary teams in implementing and operating cyber security controls for cloud environment: micro-services, containers, applications, operating systems, databases, and networks.
- Establish, maintain and develop monitoring use cases, incident handling playbook, and perform threat hunting.
- Exploit security assessment and automation tools to enhance and enforce security
- Perform vulnerability assessment using automated tools and recommend actionable follow up to remediate the vulnerabilities and/or threats uncovered.
- Improve and develop new designs and security strategies across all types of cloud-based infrastructure and platform.
- Lead and manage security assessments of system that include configuration and log review, vulnerability scanning and penetration testing.
- Escalate security incident alert to respective system owner and assist in containment and recovery from the security incident.
- Support business initiatives through security IT risk management and mitigation propositions.
- Stay abreast of emerging security threats, vulnerabilities and controls.
- 3-5 years’ experience in cybersecurity domain.
- Strong sysadmin skillset for:
- Linux and Windows operating systems;
- AWS Cloud Services (E.g. EC2, DynamoDB, API Gateway, RDS, Lambda, CloudFront, CloudFormation, CloudWatch, Route 53, etc.).
- Practical knowledge of:
- AWS foundation services related to compute, network, storage, content delivery, administration and security, deployment and management, automation technologies;
- Cybersecurity tools, technologies and standards, such as OWASP.
- Knowledge and experience with:
- Modern IT approaches such as DevOps, Software Defined Network & Platform, Infrastructure as Code, Commercial cloud services and zero trust network;
- Cloud design and architecture for security to mitigate cloud security risks;
- Commercial, open source or hand scripted security assessment tools to uncover system vulnerabilities;
- Operational security management techniques, architecture and designs;
- Cybersecurity attributes (e.g., confidentiality, integrity, availability, accountability, assurance, etc.) and security measures (e.g., authentication, authorisation etc.);
- Risk management methodologies and risk evaluation techniques;
- System security architecture concepts including network topology, protocols, components and principles (e.g., application of Defence in-Depth), and ability to specify where and how security controls should be applied to or engineered into the security design.
YOU WILL CATCH OUR ATTENTION IF YOU:
- Have knowledge in Azure.
- Possess CISSP and/or CISA certifications, and Cloud security or DevSecOps-related certification.
- Have DevOps know-how in building and deploying infrastructure with Cloud deployment, build and test automation technologies like ansible, chef, puppet, docker and jenkins.
(Salary range: $5,000 to $7,000)