Information Security Engineer

As an individual contributor on our Cybersecurity engineering team,you will be responsible for designing, implementing, and maintaining our information security infrastructure, as well as identifying and mitigating security threats.

• Develop, implement, and maintain information security policies, procedures, and standards to protect company data and systems.
• Conduct regular security assessments, vulnerability testing, and penetration testing to identify potential threats and vulnerabilities.
• Monitor network traffic and system activity to detect and respond to security incidents and breaches in real-time.
• Collaborate with IT and other departments to design and implement security measures for new and existing systems, applications, and infrastructure.
• Manage and configure security tools and technologies, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption solutions.
• Investigate and respond to security incidents, including data breaches, malware infections, and unauthorized access attempts.
• Ensure compliance with industry standards, regulations, and best practices, such as GDPR, HIPAA, PCI-DSS, and ISO 27001.
• Provide training and guidance to employees on security best practices and emerging threats.
• Stay up-to-date with the latest security trends, technologies, and threat intelligence to continually improve the organization's security posture.
• Develop and maintain disaster recovery and business continuity plans.

Preferred Experience (Optional but valued):

This role requires a deep understanding of security protocols, a proactive approach to risk management, and the ability to stay current with emerging security trends and threats.

• Experience in common continuous integration tools such as GitHub Actions, Jenkins and CircleCI.
• Advanced experience with the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework
• Experienced DevOps or DevSecOps practitioner
• Advanced knowledge of security controls, audits, and configurations including SIEM (Splunk, QRadar) & EDR (Crowdstrike, Carbon Black)

Only for Singaporeans/PR's