IT Operational Security EngineerSingapore, North West, Singapore
The IT Operational Security Engineer supports the IT Security & Compliance Manager in ensuring that OneSpan’s corporate network, as well as (external) services are secure against external (cyber-) attacks and leakage of information to the outside world. IT Operational Security Engineer is responsible for a continuous optimal security of computer- and communication systems for OneSpan during APAC business hours.
The IT Operational Security Engineer reports to the IT Security & Compliance Manager.
- Administer network and computing devices/systems that enforce security policies and audit controls in Windows environment
- Formulate security architecture recommendations and design security services
- Assist in responses to external audits, penetration tests and vulnerability assessments
- Recommend and coordinate the application of fixes, patches, disaster recovery procedures as part of the ongoing Risk management program as well as in the event of a security breach
- Research emerging technologies in support of security enhancement efforts
- Conduct risk assessments, penetration tests and diagnose internet/extranet security, intrusion attempts, and cyber-crime response Registering the calls in the IT monitoring tool according to the agreed procedures
- Locally Installing client software and operating systems
- Identifying infrastructural needs through listening to user requests, pro-active monitoring and following advice of the IT Security & Compliance Manager of existing infrastructure to confer with the Head of Global IT Services to establishing requirements for new systems and/or modifications.
- Monitoring the daily security of the worldwide IT infrastructure.
- General solid familiarity with application and network security.
- Must be able to perform hands-on support for a wide range of security technologies like IPS, DLP, PKI, malware analysis and protection, firewalls, vulnerability scanners, LDAP, forensics software, security incident response, …
- Experience in working with compliance and regulatory program requirements.
- Experience analyzing network, event and security logs, IPS alert logs as vulnerability scanning tools
- Experience in vulnerability scanning tools like Nessus is a must
- Experience in third party patching is a must
- Experience with advanced malware technologies is a plus
- Excellent analytical and problem solving skills with a solution-focused attitude
- Having extensive practical knowledge of Windows 10/2016
- Knowledge of Active Directory
- Knowledge of Azure/AWS security best practices
- Knowledge of Microsoft product update procedures
- Good knowledge of TCP/IP, DNS, routing and network topology
- Good knowledge of firewalls, specifically Palo Alto technology
- Knowledge of VMware Vsphere / vCenter
- Knowledge of OneSpan products (IDENTIKEY / DIGIPASS) is a plus
- Three years hands-on experience in IT Security
- Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy
- Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism
- Willingness to join a 24x7 availability program (intermitted)
- Fluent in Chinese and English
- Willingness to travel occasionally to Belgium