Job Requirements
Skills
Job description for Software Security Engineer at Cynopsis Solutions Pte Ltd
Job Description:
- Take ownership of all security-related matters in Cynopsis.
- Instill the right security mindset and culture across the Technology team.
- Handle periodic vulnerability and penetration testings with 3rd party vendors and ensure proper resolution of any control weaknesses identified.
- Work with various teams including Business and Technology teams and pre-emptively identify security weaknesses as early as possible.
- Stay at the forefront of software security developments and trends globally
- Monitor detect and document security incidents.
- Perform security incident response and root cause analysis. This includes after-office hours support on follow-the-sun model.
- Perform network vulnerability and application assessment and share the scan results with stakeholders and monitor issues till closure.
- Work closely with managed security provider, vendors, information system owners or representatives and infrastructure technical staffs on security incidents to perform incident handling and provide remedial actions.
- Ensure all security solutions are working and they comply with policy and procedures.
- Respond and remediate in a timely manner in relation to any service outages, with customer satisfaction as priority.
- Troubleshoot and remediate issue when necessary.
- Deploy and perform vulnerability assessment to IT assets.
- Perform monthly governance review on sensitive administrative activities and deliver monthly ad-hoc security reports.
Requirement:
- Bachelor's Degree in IT / Computer Science / Computing or related field
- Experience in Infrastructure operations, security operations and security operations centre
- Knowledge of networking and AWS Cloud Security practices
- Strong knowledge of vulnerability assessment and its tools
- Ability to interpret issue discovered from cloud and application vulnerability testing
- Python, JS knowledge is an advantage
- Certified Information System Auditor (CISA), Certified Information System Security Professional (CISSP) or ITIL certification will be an added advantage
- Previous experience with an ISO 27001 is an advantage
- Prior working experience in banks, financial institutions or FinTech is an advantage
- Working knowledge of MAS Technology Risk Management Guidelines and Association of Banks in Singapore OSPAR or equivalent