SECURITY ENGINEER

Job Descriptions:

  • Take ownership of all security-related matters in Cynopsis

  • Instill the right security mindset and culture across the Technology team

  • Handle periodic vulnerability and penetration testings with 3rd party vendors and ensure proper resolution of any control weaknesses identified

  • Work with various teams including Business and Technology teams and pre-emptively identify security weaknesses as early as possible

  • Stay at the forefront of software security developments and trends globally

  • Monitor detect and document security incidents

  • Perform security incident response and root cause analysis. This includes after-office hours support on follow-the-sun model

  • Perform network vulnerability and application assessment and share the scan results with stakeholders and monitor issues till closure

  • Work closely with managed security provider, vendors, information system owners or representatives and infrastructure technical staffs on security incidents to perform incident handling and provide remedial actions

  • Ensure all security solutions are working and they comply with policy and procedures

  • Respond and remediate in a timely manner in relation to any service outages, with customer satisfaction as priority

  • Troubleshoot and remediate issue when necessary

  • Deploy and perform vulnerability assessment to IT assets

  • Perform monthly governance review on sensitive administrative activities and deliver monthly ad-hoc security reports

  • Reports into Head of DevOps/Infra/Security

Technical Requirements:

  • Bachelor's Degree in IT / Computer Science / Computing or related field

  • Experience in Infrastructure operations, security operations and security operations centre

  • Knowledge of networking and AWS Cloud Security practices

  • Strong knowledge of vulnerability assessment and its tools

  • Ability to interpret issue discovered from cloud and application vulnerability testing

  • Python, JS knowledge is an advantage

  • Certified Information System Auditor (CISA), Certified Information System Security Professional (CISSP) or ITIL certification will be an added advantage

  • Previous experience with an ISO 27001 is an advantage

  • Prior working experience in banks, financial institutions or FinTech is an advantage

  • Working knowledge of MAS Technology Risk Management Guidelines and Association of Banks in Singapore OSPAR or equivalent

Personal Attributes:

  • Passionate about cybersecurity, technology risk and emerging trends

  • Good team player who wants to make a positive impact to Cynopsis and its clients

  • Excellent communication skills and proactively interact and ideate with

  • Willingness to go the extra mile to help clients and colleagues overcome technical issues

  • Ability to multi-task and work efficiently under pressure and deadlines