Cybersecurity Operations Engineer

[What the role is]

EXECUTIVE ENGINEER / ENGINEER, CYBERSECURITY OPERATIONS

[What you will be working on]

You will join the Cybersecurity Operations team and strengthen cybersecurity readiness, detection and incident management capabilities of Land Transport CIIs, digital IT systems against cyber threats and to ensure the continuity of the essential services. The candidate should possess strong technical skills, industry certifications, and a passion for staying ahead of the latest cybersecurity trends. The key responsibilities include:

•Perform architecture design and lead deployment of Cybersecurity Operations Centre (SOC) and related technologies to strengthen security monitoring, incident response, data loss prevention, vulnerability management, threat intelligence and threat hunting. To work closely with contractor on design plans, test cases and test acceptance.

•Support LTA-CERT, perform analysis and investigation of escalated cybersecurity alerts and perform containment and remediation of cybersecurity incidents.

•Collaborate with cross-functional teams to strengthen cybersecurity incident management processes with internal and external stakeholders (e.g. key suppliers, partners, operators, projects and systems etc).

•Plan and participate in cybersecurity table-top exercises to ensure cyber operation team’s readiness for cybersecurity incidents.

•Stay updated on the latest cybersecurity threats, technologies, and best practices to continuously improve the organization's security posture.

•Communicate effectively with internal and external stakeholders to provide insights and recommendations on cybersecurity measures.

[What we are looking for]

•Tertiary qualification in Cybersecurity, Computer Science, IT/Engineering or equivalent.
•At least 2 years of experience in cybersecurity incident handing and response.
•Professional certifications such as CISSP or any SANS GIAC Security Certifications (e.g., GCIH) and strong knowledge of industry standards and best practices e.g. CSA Cybersecurity Code of Practice (CCoP), NIST Cybersecurity Framework, MITRE ATT&CK framework, ODNI Cyber Threat Intelligence Integration Centre’s Cyber Threat Framework would be advantageous.
•Experience in SOC operations, security consultancy and security operations are advantageous.
•Up-to-date date knowledge on any of various cybersecurity security methodologies and technologies (e.g. technical vulnerability assessment and penetration testing, data/ cybersecurity analytics, SIEMs, incident management, cyber range, digital forensics).
•Experience in use of smart technologies (e.g. GenAI, RPA, Data Analytics etc) in improving cybersecurity operation processes is advantageous.
•Good understanding, and ability to translate cybersecurity threats or risk to impacts on the ICT/OT environment and appropriate mitigation techniques will be advantageous.
•Highly motivated with drive and energy, project management, team collaboration, analytical/problem-solving, excellent communication, written and interpersonal skills.