Share this Job

Senior Cybersecurity Operations Specialist

Apply now »
Apply now

Apply for Job

Date: 20-Sep-2022

Location: StarHub Green

Company: StarHub Ltd

Job Description

 

The candidate will report to Head (SecOps) and is responsible to design, develop and implement secure system architecture. The design secure system architecture will embed with security principles to protect StarHub's infrastructure and information asset from cyber threats that are constantly evolving.  This role will be working with a team of cyber security enthusiasts to safeguard our systems against cyber-attacks and threats.  The candidate needs to possess strong technical competency and an effective communication skill to engage various StarHub stakeholders. He/She will perform routine activities related to the periodic review and audit activities of infrastructure security systems and maintains documentation of security standards and procedures. 

 

Responsibilities

1. Develop architecture requirements and maintain oversight

  • Design security controls and systems in alignment with security guidelines
  • Assist in the testing and evaluation of new security technologies and controls
  • Recommend security products, services and procedures to enhance system architecture designs
  • Document the design, operation, use, and expected outputs of new systems 
  • Conduct research on modern security software architectures and network architecture design best practices
  • Drive continuous process improvement for the security services

2. Implement security systems    

  • Implement new enterprise security architecture, technologies and enhancements 
  • Identify techniques to scale up and automate security infrastructure and processes
  • Resolve issues that arise in implementation of new security systems
  • Monitor security systems for strengths and weaknesses and propose improvements to address weaknesses

3. Manage security systems     

  • Responsible for the maintenance of security systems, platforms and associated software
  • Develop and implement custom disaster recovery drills and simulation tests on existing systems
  • Monitors, tracks and manages service faults till resolution and change requests.
  • Manages lifecycle of security solutions, ensuring that the solution is up-to-date and relevant to changing business needs and security landscape
  • Provide oversight and drive quality assurance over third party service providers
     

Qualifications

 

Bachelor’s degree in computer science or related field, or a similar field. Ideally, you have completed or are about to complete a Security certification (e.g. Security+, GCIA, GCIH, CISSP). And competent in scripting languages (e.g. Perl, Python, etc.).

Experiences in the following areas:

1. Business Needs Analysis

  • Elicit and analyse business requirements from key stakeholders and assess relevant solutions and their potential impact

2. Cyber and Data Breach Incident Management    

  • Provide root causes analysis and assessment on the implications of incidents.

3. Cyber Risk Management    

  • Develop cyber risk assessment techniques and roll-out endorsed measures to address identified cyber security risks, threats and vulnerabilities

4. Emerging Technology Synthesis    

  • Conduct research and identify opportunities for new and emerging technology to support the business needs

5. Infrastructure Design    

  • Translate a broader infrastructure blueprint into technical specifications and develop prototypes for simple infrastructure components

6. Network Security    

  • Manage network security solution

7. Security Administration    

  • Administer, configure and troubleshoot security solution platforms, and analyse impact of patches and updates on system and networks. Minimum 4 years of administration experience (see Technologies Competencies)

8. Security Architecture    

  • Design secure systems and define security specifications of components, integrating appropriate security controls.

9. Security Programme Management    

  • Detail the security requirements for system architecture components and implement security programmes. Minimum 2 years of implementation experience. (see Technologies Competencies)

10. Strategy Implementation    

  • Evaluate strategies for critical business functions to ensure plans are realistic and reflect health of business. 

11. Strategy Planning    

  • Develop resource allocation plans and implement strategies and policies

12. Technologies Competencies    

  • Networking, Network Taps and Data Diode, Host Security (Windows, Unix, Linux), Firewall (Packet Filtering, Application, Database, Web Application), VPN (IPSec & SSL), Distributed Denial of Service Protection, Content Disarm & Reconstruction, Public Key Infrastructure, Encryption (At-rest and in-transit), Data Loss Protection, Data Integrity, User Anomaly Detection, Intrusion Prevention System, Network Access Control, Forward Proxy, Reverse Proxy, Email Security Gateway (anti-spam, anti-virus, anti-malware, sandbox, EBC), Endpoint (Email, Anti-virus, Antimalware), Threat Detection & Response (Endpoint& Network), Vulnerability Management, Web Isolation, Log Management, Security Incident & Event Management, Security Orchestration, Cloud Security, Identity & Access Management, 2-Factor Authentication, Single Sign On, Privileged User Management, Mobile Device Management

 

*We regret that only shortlisted candidates will be notified.