Senior Engineer (Operations and Implementation Support)

• Manage ANS projects/ systems including cyber-security implementations, as well as the design and engineering information security (e.g. authentication, perimeter security, security compliance tools), technology systems (software & hardware), and security policies / procedures.
• Implement solutions to enhance cyber-security posture (e.g. cyber defenses, mitigation measures) to meet CAAS', national, international standards and requirements.
• Work closely with multiple stakeholders both internal and external (including other government agencies, system suppliers, maintenance operators, operation users, IT consultants/auditors etc) which include coordinate, liaise, support and conduct meetings to facilitate and validate the implementation in accordance with national and international cybersecurity standards and requirements.
• Coordinate, liaise, support and conduct internal as well as external audit needs/issues including technical discussions and internal audits (e.g. scanning exercises, penetration tests).
• Formulate process and procedures relating to cyber security through continuous engagement with the various stakeholders including the regulator, industry players and relevant agencies.
• Keep abreast of the latest industry cybersecurity practices and technologies as well as emerging threats and vulnerabilities, then recommend appropriate controls for implementation to improve the ANS systems security posture.
• Conduct investigations into security breaches to determine the cause of the incidents and work closely with multiple stakeholders both internal and external to resolve the incidents, participate in post-incident reporting and study/implement the proposed enhancement to the systems and infrastructure to close the security gaps.
• Manage relevant security documentation and updating of the ANS Group's overall security programme, including planning, coordinating and conducting relevant training for security and assurance matters to raise and maintain high cyber security awareness in the ANS Group.
• Coordinate internal and external audit needs/issues and participate in technical discussions and internal audit (e.g. scanning exercises, penetration tests).

• Trained in Cybersecurity, Information Security, Information Technology, Computer Science, Engineering (Computing/ Electrical/ Electronics/ Telecommunication) or equivalent
• Professional certification such as Certified Information Security Auditors (CISA) and/or Certified Information Systems Security Professional (CISSP) would be advantageous.
• An active professional certification in Cybersecurity or Information Security from ISACA, (ISC)2 or equivalent will be an advantage
• At least 3-5 years of relevant experience in system project implementation and cybersecurity compliance and/or cybersecurity work experiences in ICT infrastructure or network implementation
• Possess good experience in managing cybersecurity projects, preferably having gone through at least one project implementation life cycle
• Strong domain knowledge of information security governance and risk management, controls, vulnerability assessment/penetration testing, compliance, business continuity, investigations, system architecture and design, legal, and industry IT and cyber security best-practices.
• Able to show understanding of the relationship between cybersecurity and the broader business goals and objectives
• Self-motivated and independent, a good team player with well-rounded skillset, and can-do attitude
• Curious and passionate about cybersecurity with a hacker mindset
• Excellent verbal, written communication and interpersonal skills
• Strong analytical, presentation and negotiation skill

Civil Aviation Authority of Singapore