The Senior Cyber Security Operations Engineer is an expert-level cyber engineer who maintains, reviews and administers the infrastructure hardware and software used by the Sands Global Cyber Security Operations Centre.
This role sits within Marina Bay Sands’ Cyber Security Operations Centre (CSOC). MBS CSOC operates a follow-the-sun model, partnering with Las Vegas Sands Corp CSOC. The mission of MBS CSOC is to protect and defend MBS and LVS against cyber-attacks targeting the gaming, retail and hospitality sector.
The Senior Cyber Security Operations Engineer ensures that the current and future CSOC tools continue to be effective against potential cyber threats. If required, the Cyber Security Operations Engineer is also capable of providing focused effort and troubleshooting of technical issues that impact the CSOC tools. This position is an individual contributor and works closely with the global CSOC team members in other centers around the world.
- Consistent and regular attendance is an essential function of this job.
- Ensure issues with MBS CSOC tools are detected, responded to and/or escalated in a timely fashion.
- Ensure MBS CSOC tools are maintained, reviewed and continue to be effective in detecting cyber threats.
- Ensure new tools introduced as part of Global CSOC initiatives are operationalized into the MBS CSOC environment.
- Ensure Cyber Security Operations Engineering runbooks are reviewed and updated in a timely manner.
- Ensure Cyber Security Operations Engineering metrics and trending, including the health of the security monitoring systems, are collected, reviewed and analyzed in a timely manner.
- Ensure IT compliance within MBS CSOC tools.
- Ensure MBS CSOC tools comply with regulatory requirements.
- Coordinate with other stakeholders to resolve cases, where required.
- Support MBS CSOC in reviewing, enhancing and updating tools used by MBS CSOC.
- Perform other related duties as assigned.
- On-call for any technical issues affecting the availability of MBS CSOC tools.
- Key Tasks include:
- Coordinate with CSOC Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.
- Perform system administration on specialized cyber defense applications and systems (e.g., antivirus), to include BAU configuration, maintenance, backup, and restoration.
- Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
- Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.
- Create, edit, and manage network access control lists on specialized cyber defense systems (e.g., intrusion prevention systems).
- Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
- Degree or Diploma with at least 5 years of work experience in supporting, reviewing and administering tools used in a Global CSOC environment.
- Professional cyber security engineering / tool related membership / certification is required.
- Experience in Gaming, Banking or Critical Infrastructure InfoComm Industry is preferred, but not a must.
- Proven effective verbal and written communication skills.
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Knowledge required:
- Computer networking concepts and protocols, and network security methodologies.
- Cybersecurity and privacy principles.
- Cyber threats and vulnerabilities.
- Specific operational impacts of cybersecurity lapses.
- Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Cyber defense and information security policies, procedures, and regulations.
- Network traffic analysis methods.
- Network attacks and a network attack’s relationship to both threats and vulnerabilities.
- Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
- Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- Network traffic analysis (tools, methodologies, processes).
- Applying host/network access controls (e.g., access control list).
- Tuning sensors/tools.
- Using incident handling methodologies.
- Securing network communications.
- Protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
- Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution.
- Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- System, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
You agree that it is a condition of employment that you adhere to and abide by all rules, regulations, policies and procedures including without limitation the rules of conduct of the Company.