Senior/Cyber Security Engineer (Cyber Security Defense)

NTU’s Centre for IT Services manages the campus-wide IT Infrastructure and facilitate access to all Enterprise IT systems, as well as Learning systems and Digital Media.

Cyber Security which is part of Centre for IT Services is Responsible for the Cyber Security Governance, Risk, Compliance & Awareness, Architecture, Consultancy & Engineering, Security Monitoring, Incident Response, Threat Intelligence and Digital forensic investigation.

This role will be part of the Cyber Security Defense team. The role is expected to work with various teams throughout NTU to ensure feasible, compliant, and effective implementation in accordance to Cyber Security policies, standards, and procedures.

Responsibilities

• Design and implement security solutions to enable rapid detection and response to cybersecurity attacks.

• Operational support for Security Incident event management (SIEM), Privileged Access management (PAM) and other Enterprise security solutions. (eg Endpoint detection and response, Data Loss protection suite etc) for NTU and Autonomous institutes.

• Ensure standard operating procedures are reviewed up to date as well as operation metric reporting and performance requirements are met.

• Collaborate with internal teams, schools, or departments for onboarding of Privileged accounts, data sources for the SIEM.

• Review and continually enhance system performance and work with Computer Security Defense team in the development of new use cases to improve our Cyber threat detection capabilities.

• Conduct root cause analysis during system outage and troubleshoot within limited time constraints to ensure end user/ projects operations.

• Identify control gaps or weaknesses in current processes and recommend measures, tools or software application that will enhance the team capabilities and overall security posture of NTU.

• Responsible for capacity planning and disaster recovery testing for Enterprise security solutions.

• Participate in relevant audit activities.

• Responsible to the continuous improvement and support implementation of Enterprise security solutions.

• Participate in security projects or initiatives by the team.

• Lead and drive related Cyber defense initiatives to improve NTU cyber security posture.

Requirements

• Degree in Computer Science, Computer Engineering, or related discipline

• CISSP, CISA, CISM, GIAC relevant IT security certification 

• At least 6-8 years of IT related working experience with at least 2-3 years in Security Engineering and Operations roles.

• Prior experience working in Cyber Defense Operation or Security Operations Centre.

• Understanding and working experience in Cyber Security Incident detection and response practices and/or processes. e.g., NIST Incident Handling Guidelines, Cyber Kill Chain, MITRE ATT&CK Framework etc.

• Experience with Cyber Security solution such as Security Information & Event Management (SIEM), Endpoint Detection & Response, Threat Intelligence solutions, Privileged Access management or other enterprise security solutions.

• Experience in implementing security audits, controls, and mitigating measures on enterprise security solutions.

• Suitable Candidate with lesser relevant and demonstrable experience maybe considered for more junior appointment grade.