SENIOR APPLICATION SECURITY ENGINEER

Raytheon Technologies

Changi, Singapore
Permanent
Full-time

2 months ago

Date Posted: 2021-09-30-07:00Country: SingaporeLocation: 39 Changi North Crescent, SingaporePosition Title:Senior Application Engineer EngineerPosition Grade:P3/ P4Department:Innovation Hub SingaporeReview byBonar Asido SihombingJob Summary(Description of generalpurpose of the job)We are looking for an Application Cyber Security Analyst/ Engineer with some Network Engineering background to be part of Collins Singapore Innovation Hub team. The resource will work with digital and automation solution development team, to assess the security aspect of the IT and OT solution within the organization’s Industry 4.0 digital solution ecosystem, explore, research and recommend secure design and mitigation steps, as well as support solution proof of concept, piloting and implementation of new technology.Roles andResponsibilities(Essential roles, responsibilities an d activities a candidate can expect to assume in thisposition)

Works with application development team, business unit process experts, and outsource technology partner to design and secure IT/OT solutions.
Develop functional, interface and technical specifications for software and hardware for security assessment.
Drive DevSec platform and practices for Digital Innovation Hub team such as version control system, static and dynamic code scanning.
Responsible for application security test solutions such as vulnerability assessment and penetration testing,
Support development team and Corporate network team assessment around application security monitoring with tools such as IDS/IPS, firewall, EDR, SIEM, SOAR, Threat Intelligence platform etc.
Contribute to architecturally significant requirements and technical risk area identification.
Support testing for products system integration, to ensure security compliance.
Serve in a design quality role (systems) helping to assure that development teams observe Secure Software Development practices.
Ensure the ongoing management of a Secure Software Development Life Cycle to ensure on time delivery of application sprints with security compliance and best practices.
Keep updated about the latest threat, IT security technology and adherence guidelines and reflect existing and coming security solutions.

Competencies(Essential competenciesrequired for this position)Selection at least 3 and max 5 Rank by importance (1 being most important)Type of CompetenciesRankAdaptability 2Analytical Skills 4Business JudgmentCommunication 3Customer FocusDeveloping TalentFocus on Results 1Forward ThinkingListeningStrategic LeadershipTeamworkDimension andScope(Describe how theposition fits into the organization as a whole as well as the level ofaccountability)Supervisory responsibility: (if any)NoBudgetary Responsibility: Yes / No YesOther financial metrics impacted by this position (eg. Revenue, bookings, etc) NoQualification andEducationRequirements(Education and Work experience that a candidate should have when applying for position)Minimum Education required (specific field or equivalent):

Degree in Computer Science/ Computer Engineering/Information technology.
A passion for ongoing management of a Secure Software Development Life Cycle

Minimum years of experience in role:

Experience on Secure Software Development, secure code quality control, and application and system integration vulnerability assessment.
Experience with Application Development and Software Assurance in a highly regulated industry
Technical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferred
Strong understanding in cybersecurity risks and controls, vulnerability assessment, endpoint security solutions, managed security service, cloud security.
Experience with different cyber security controls and solutions, e.g. Identity and access management, network security, endpoint security, application security, IDPS, deep packet inspection, SIEM, data analytics, security and/or risk management, SOC and NOC are strongly preferred
Good knowledge in one or multiple areas such as Windows, UNIX, mid-range, firewalls, intrusion detection, threat detection analysis, and/or information risk management.
Knowledge of local and global compliance standards and guideline (e.g. PDPA, PCI, SOX, HIPAA, NIST, MITRE ATT&CK, OWASP).
Good knowledge of performing routing protocols (MPLS, HAIPE/IP, QOS and WAN).
Good knowledge of performing secure configuration on network assets, e.g. Firewall, Gateway devices, Switches, NAT, Domain controller, encryption certificate, etc.
Strategic security certifications (e.g. CISSP, CISM) is desirable
Independent thinking, willingness to \"step outside the box\" and take reasonable, calculated risks.
Passionate and lean towards Innovation, exploration of new way of reducing new technology security risk to the minimum.
Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources.
Experience with working on global teams across time zones, cultures and languages.

Preferred Skills (if any):

Demonstrated Excellent level of analytical ability, communication and interpersonal skills required to build relationships with team members to solve problems and resolve issues.
Experience on Secure Software Development, secure code quality control, and application and system integration vulnerability assessment.
Experience with Application Development and Software Assurance in a highly regulated industry
Technical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferred

General role in supporting ACE, EH&S, Ethics &Compliance andQuality initiativesACE:

Support the Continuous Improvement programs and ACE activities within the company
Minimum ACE Associate certification under ACP

EH&S:

Support and participate in the EH&S programs and activities within the company
Report all incidents (injuries, illnesses, near misses, spills etc), hazardous conditions, and emergencies to his/her supervisor
Responsible for performing a risk assessment of work activities, taking corrective and preventive actions
Comply with EH&S regulations/policies/programs/rules and use Personal Protective Equipment (PPE)
Participate in audits and inspections as and when required
Attend EH&S training programs and takes personal responsibility for safety

Ethics & Compliance:

Understand and carry out work performance in compliance with the UTC Code of Ethics, its Supplements and governing policies and the International Trade Policies and Procedures

Quality:

Provide a quality product/service that satisfies our customers’ needs and expectations the first time, every time
Emphasize a total quality management process which provides accuracy, and strict compliance with agency regulations and customer requirements, giving the highest degree of confidence; understanding that meeting the requirements of the next employee in the work flow process is just as important as meeting the needs of external customer.

OthersThis job description is not necessarily a complete list of all job functions, requirements or working conditions. The Company reserves the right to modify essential job functions, job roles & responsibilities and job qualification at any time.Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.Privacy Policy and Terms:Click on this to read the Policy and Terms

Raytheon Technologies

Apply Now