Information Technology - Cyber Security Applications Engineer

Job Description

You will be a member of the Group Information Security Team responsible for ensuring that IT solutions (both applications and infrastructure) are developed and designed with security inbuilt.

 

Key Responsibilities include:

  • Provide security consultancy, technical guidance, expertise, solutioning and education for en-terprise. 
  • Advise application and infrastructure teams on application and infrastructure security design that is relevant and fit for purpose. 
  • Align security architecture frameworks and standards with business strategies and functions. Maintain Cyber risk management framework and perform assessment of applications for emerging areas like cloud security, machine learning etc.
  • Advise and review application security design to detect potential security issues and for each issue, propose and drive remediation tasks. Develop application security blueprints. Propose and/or develop training courses to advance developers’ security knowledge.
  • Perform threat modelling on security critical applications. Keep up to date on emerging secu-rity threats and vulnerabilities on new platforms adopted by the SIA Group. Define scope and review the results of security tests, reviews and audits to ensure security assurance is achieved.
  • Any relevant ad-hoc duties. Manage individual project priorities, deadlines and deliverables. This is an individual contributor role. Strong communication skills.

 

Requirements

  • Degree in IT or related fields, with at least 5 years in information security, especially in the application security space.
  • Professional security certifications (CISSP, CSSLP, CEH, CCSP etc) preferred.
  • Technical proficiency in one or more of the following security areas: network design, zero trust, Internet of Things, cryptography etc.
  • Strong in-depth working knowledge in secure application development techniques. Secure by Design. Secure source code review. Prior experience with any of the following tools: Static Application Security Testing (SAST), Dynamic Application Security (DAST), Software Compo-sition Analysis (SCA).
  • Strong understanding of Agile, DevSecOps, OWASP Top 10, and securing cloud technolo-gies. Familiar with common web/mobile application vulnerabilities and technical knowledge to address and mitigate vulnerabilities.
  • Knowledge of cyber security threats, vulnerabilities, hacking and exploit methods etc. Any prior vulnerability management experience preferred.
  • Strong oral, written, presentation and inter-personal skills.
  • Possess positive attitude with drive, initiative, enthusiasm, and a keen sense of urgency in resolving high-priority issues.
  • Able to work independently and in a team-oriented, collaborative environment.

 

We thank all candidates for your interest in Singapore Airlines, and regret that only shortlisted candidates will be notified.
 

651