Thales people architect solutions at the heart of the defence-security continuum. Interoperable and secure information and telecommunications systems for defence, security, and civil operators, are based upon innovative use of radiocommunications, networks, and cybersecurity. We are ground breaking new digital technologies such as 4G mobile communications, cryptography, cloud computing and big data for use in physical protection systems, and critical information systems.

Thales in Singapore has been present since 1973, providing state-of-the-art solutions for customers in the aerospace, defence, security and transportation markets. Today, Thales in Singapore employs over 600 people and is home to all regional avionics services, a ground transportation integration centre, and regional innovation hub.

The Security Engineer helps to ensure the compliance of Thales’s solution to the "cyber-secured by design" motto. He/She will assist the Head of Systems/IT Security in the implementation of security measures designed for Thales solutions. He/She may be tasked to oversee the design of security implementation relevant to his/her domain of expertise. He/She will also be required to provide guidance on the appropriate security solutions to use for tender proposals, and support bid managers in addressing the cyber-security concerns of their potential business leads. As an agile information security expert, you will also participate in the implementation of critical project security work packages, hence you will be expected to:

• Contribute to Information Security strategy and Agile security process improvement
• Ensuring fundamental requirements or state-of-art of specialty engineering is taken into account for solution element or component design and development.
• Contributing to formalization and implementation of allocated requirements to solution elements or components, to their interfaces and their verification criteria.
• Participates in solution integration and verifies that solution meets specialty requirements.

Responsibilities:

• Act as the security ‘partner’ of the Agile project teams, for all question related to information security
• Installation and configuration of security system hardware, that includes firewalls and intrusion detection devices, SIEM, 2FA
• Work with internal and external teams to successfully implement proposed security solutions such as host-based endpoint protection and data loss prevention
• Perform basic security audit or review of a system to highlight gaps in security compliance
• Assist the IT Security Manager in managing security incidents, vulnerability assessment and penetration testing end to end activities
• Support projects delivery teams in daily operations for security such as firewall administration, OS patching, and account reviews
• Provide security consultancy to internal teams on their project/business opportunity security needs
• Understands the security requirements and provide support to IT Security work packages in bids and projects
• Occasionally acts as the technical interface on security issues with customers responding to queries and providing technical solutions

Requirements:

The candidate should possess the following:

• Degree in Information Technology / Computer Science or equivalent
• 5 years’ experience in the IT Security domain
• Minimum 3 years of working experience in at least 2 of the following domains:
  • Application security
  • Network security
  • System security
  • Data security
  • Cloud security
• Experience in securing large and critical systems is an added advantage
• Ability to work alone and in a team
• Good communicator and at building relationships (with customers, partners and internal teams)
• Used to working in international teams (fluent English, intercultural skills)
• Readiness to work under time pressure and be able to adjust quickly to project demands
• Due to project requirements, Singaporeans/Singapore Permanent Residence (SPR) is highly preferred

Technical skills:

• Technical hands-on expertise in firewalls, IDS/IPS, AV, IAM, or PIM preferred
• Strong knowledge of TCP/IP and network protocols, mobile technologies or virtualization will be advantageous
• Able to write simple shell scripts or Python/Perl scripts for system administration tasks
• Experience in vulnerability assessment and penetration testing will be advantageous
• Good knowledge/experience in major Security Standards and Guidelines
  • ISO 27001
  • NIST
  • Common Criteria
  • CIS

Professional Qualifications are good to have:

An internationally recognised professional security certifications such as

• Certified Information Security Auditor (CISA),
• Certified Information Systems Security Professional (CISSP),
• OSSTMM Professional Security Tester (OPST)
• SANS’ Global Information Assurance Certification (GIAC)
• GIAC Penetration Tester (GPEN)

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!