The candidate reports to the Head, Cybersecurity and is responsible for implementing and managing the various security solutions to protect StarHub's infrastructure and information asset from cyber threats that are constantly evolving. This role will be working with a team of cyber security enthusiasts to safeguard our systems against cyber-attacks and threats.
The candidate needs to possess strong technical competency and an effective communication skill to engage various StarHub stakeholders.
- Performs implementation and system administration including advanced troubleshooting
- Responsible for day-to-day operations of security solutions meeting security operations service level agreement
- Monitors, tracks and manages service faults and change requests
- Manages lifecycle of security solutions, ensuring that the solution is up-to-date and relevant to changing business needs and security landscape
- Drive continuous process improvement for the security services
- Develop, implement and maintain operating procedures
- Build and maintain clear and concise documentation
- Deliver monthly dashboard metric in a timely manner
- Provide oversight and drive quality assurance over third party service providers
- Preferably Bachelor degree in Computer Science / IT related field
- Professional security certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Risk and Information System Control (CRISC), GIAC Continuous Monitoring Certification (GMON), Global Industrial Cyber Security Professional (GICSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA) or other similar credentials.
- Minimum 4 years of administration experience (see Technologies Competencies)
- Minimum 2 years of implementation experience. (see Technologies Competencies)
- Preferably 2 years of security system integration experience for security solutions that requires medium to complex integration
- Competent in scripting languages (e.g. Perl, Python, etc.)
- Strong competency in at least 3 of the security technologies (see Technologies Competencies)
- Networking, Network Taps and Data Diode, Host Security (Windows, Unix, Linux), Firewall (Packet Filtering, Application, Database, Web Application), VPN (IPSec & SSL), Distributed Denial of Service Protection, Content Disarm & Reconstruction, Public Key Infrastructure, Encryption (At-rest and in-transit), Data Loss Protection, Data Integrity, User Anomaly Detection, Intrusion Prevention System, Network Access Control, Forward Proxy, Reverse Proxy, Email Security Gateway (anti-spam, anti-virus, anti-malware, sandbox, EBC), Endpoint (Email, Anti-virus, Antimalware), Threat Detection & Response (Endpoint& Network), Vulnerability Management, Web Isolation, Log Management, Security Incident & Event Management, Security Orchestration, Cloud Security, Identity & Access Management, 2-Factor Authentication, Single Sign On, Privileged User Management, Mobile Device Management
*We regret that only shortlisted candidates will be notified.