Date Posted:

2021-09-30-07:00

Country:

Singapore

Location:

39 Changi North Crescent, Singapore

Position Title:  

Senior Application Engineer Engineer

Position Grade:

P3/ P4

Department: 

Innovation Hub Singapore

Review by

Bonar Asido Sihombing

Job Summary

(Description of general

purpose of the job)

We are looking for an Application Cyber Security Analyst/ Engineer with some Network Engineering background to be part of Collins Singapore Innovation Hub team. The resource will work with digital and automation solution development team, to assess the security aspect of the IT and OT solution within the organization’s Industry 4.0 digital solution ecosystem, explore, research and recommend secure design and mitigation steps, as well as support solution proof of concept, piloting and implementation of new technology.

Roles and 

Responsibilities

(Essential roles, responsibilities an d activities a candidate can expect to assume in this

position)

Works with application development team, business unit process experts, and outsource technology partner to design and secure IT/OT solutions.Develop functional, interface and technical specifications for software and hardware for security assessment.Drive DevSec platform and practices for Digital Innovation Hub team such as version control system, static and dynamic code scanning.Responsible for application security test solutions such as vulnerability assessment and penetration testing,Support development team and Corporate network team assessment around application security monitoring with tools such as IDS/IPS, firewall, EDR, SIEM, SOAR, Threat Intelligence platform etc.Contribute to architecturally significant requirements and technical risk area identification.Support testing for products system integration, to ensure security compliance.Serve in a design quality role (systems) helping to assure that development teams observe Secure Software Development practices.Ensure the ongoing management of a Secure Software Development Life Cycle to ensure on time delivery of application sprints with security compliance and best practices.Keep updated about the latest threat, IT security technology and adherence guidelines and reflect existing and coming security solutions.

Competencies

(Essential competencies

required for this position)

 Selection at least 3 and max 5  Rank by importance (1 being most important)

Type of Competencies

Rank

Adaptability 2

Analytical Skills 4

Business Judgment

Communication 3

Customer Focus

Developing Talent

Focus on Results 1

Forward Thinking

Listening

Strategic Leadership

Teamwork

Dimension and

Scope

(Describe how the

position fits into the organization as a whole as well as the level of

accountability)

Supervisory responsibility: (if any)

No

Budgetary Responsibility: Yes / No Yes

Other financial metrics impacted by this position (eg. Revenue, bookings, etc) No

Qualification and

Education

Requirements

(Education and Work experience that a candidate should have when applying for position)

Minimum Education required (specific field or equivalent): 

Degree in Computer Science/ Computer Engineering/Information technology.A passion for ongoing management of a Secure Software Development Life Cycle

Minimum years of experience in role: 

Experience on Secure Software Development, secure code quality control, and application and system integration vulnerability assessment.Experience with Application Development and Software Assurance in a highly regulated industryTechnical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferredStrong understanding in cybersecurity risks and controls, vulnerability assessment, endpoint security solutions, managed security service, cloud security.Experience with different cyber security controls and solutions, e.g. Identity and access management, network security, endpoint security, application security, IDPS, deep packet inspection, SIEM, data analytics, security and/or risk management, SOC and NOC are strongly preferredGood knowledge in one or multiple areas such as Windows, UNIX, mid-range, firewalls, intrusion detection, threat detection analysis, and/or information risk management.Knowledge of local and global compliance standards and guideline (e.g. PDPA, PCI, SOX, HIPAA, NIST, MITRE ATT&CK, OWASP).Good knowledge of performing routing protocols (MPLS, HAIPE/IP, QOS and WAN).Good knowledge of performing secure configuration on network assets, e.g. Firewall, Gateway devices, Switches, NAT, Domain controller, encryption certificate, etc.Strategic security certifications (e.g. CISSP, CISM) is desirableIndependent thinking, willingness to \"step outside the box\" and take reasonable, calculated risks.Passionate and lean towards Innovation, exploration of new way of reducing new technology security risk to the minimum.Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources.Experience with working on global teams across time zones, cultures and languages.

Preferred Skills (if any): 

Demonstrated Excellent level of analytical ability, communication and interpersonal skills required to build relationships with team members to solve problems and resolve issues.Experience on Secure Software Development, secure code quality control, and application and system integration vulnerability assessment.Experience with Application Development and Software Assurance in a highly regulated industryTechnical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferred

General role in supporting ACE, EH&S, Ethics &

Compliance and

Quality initiatives

ACE:

Support the Continuous Improvement programs and ACE activities within the companyMinimum ACE Associate certification under ACP

EH&S:

Support and participate in the EH&S programs and activities within the companyReport all incidents (injuries, illnesses, near misses, spills etc), hazardous conditions, and emergencies to his/her supervisorResponsible for performing a risk assessment of work activities, taking corrective and preventive actionsComply with EH&S regulations/policies/programs/rules and use Personal Protective Equipment (PPE)Participate in audits and inspections as and when requiredAttend EH&S training programs and takes personal responsibility for safety

Ethics & Compliance:

Understand and carry out work performance in compliance with the UTC Code of Ethics, its Supplements and governing policies and the International Trade Policies and Procedures

Quality: 

Provide a quality product/service that satisfies our customers’ needs and expectations the first time, every timeEmphasize a total quality management process which provides accuracy, and strict compliance with agency regulations and customer requirements, giving the highest degree of confidence; understanding that meeting the requirements of the next employee in the work flow process is just as important as meeting the needs of external customer.

Others

This job description is not necessarily a complete list of all job functions, requirements or working conditions.  The Company reserves the right to modify essential job functions, job roles & responsibilities and job qualification at any time.

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms