IT Operational Security Engineer

Singapore, North West, Singapore


The IT Operational Security Engineer supports the IT Security & Compliance Manager in ensuring that OneSpan’s corporate network, as well as (external) services are secure against external (cyber-) attacks and leakage of information to the outside world. IT Operational Security Engineer is responsible for a continuous optimal security of computer- and communication systems for OneSpan during APAC business hours.

The IT Operational Security Engineer reports to the IT Security & Compliance Manager.

Key Tasks

  • Administer network and computing devices/systems that enforce security policies and audit controls in Windows environment
  • Formulate security architecture recommendations and design security services
  • Assist in responses to external audits, penetration tests and vulnerability assessments
  • Recommend and coordinate the application of fixes, patches, disaster recovery procedures as part of the ongoing Risk management program as well as in the event of a security breach
  • Research emerging technologies in support of security enhancement efforts
  • Conduct risk assessments, penetration tests and diagnose internet/extranet security, intrusion attempts, and cyber-crime response Registering the calls in the IT monitoring tool according to the agreed procedures
  • Locally Installing client software and operating systems
  • Identifying infrastructural needs through listening to user requests, pro-active monitoring and following advice of the IT Security & Compliance Manager of existing infrastructure to confer with the Head of Global IT Services to establishing requirements for new systems and/or modifications.
  • Monitoring the daily security of the worldwide IT infrastructure.


Job Requirements

  • General solid familiarity with application and network security.
  • Must be able to perform hands-on support for a wide range of security  technologies like IPS, DLP, PKI, malware  analysis and protection, firewalls, vulnerability scanners, LDAP, forensics software, security incident response, …
  • Experience in working with compliance and regulatory program requirements.
  • Experience analyzing network, event and security logs, IPS alert logs as vulnerability scanning tools
  • Experience in vulnerability scanning tools like Nessus is a must
  • Experience in third party patching is a must
  • Experience with advanced malware technologies is a plus
  • Excellent analytical and problem solving skills with a solution-focused attitude
  • Having extensive practical knowledge of Windows 10/2016
  • Knowledge of Active Directory
  • Knowledge of Azure/AWS security best practices
  • Knowledge of Microsoft product update procedures
  • Good knowledge of TCP/IP, DNS, routing and network topology
  • Good knowledge of firewalls, specifically Palo Alto technology
  • Knowledge of VMware Vsphere / vCenter
  • Knowledge of OneSpan products (IDENTIKEY / DIGIPASS) is a plus
  • Three years hands-on experience in IT Security
  • Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy
  • Strong  self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism
  • Willingness to join a 24x7 availability program (intermitted)
  • Fluent in Chinese and English
  • Willingness to travel occasionally to Belgium