linkedin
Cybersecurity Specialist
Changi Airport Group
Changi, KSA
Full Time
Mid
Onsite
3 weeks ago
Vulnerability AssessmentPenetration TestingSecurity ControlsIncident ResponseOWASP Top 10NIST
Free
Job Fit Check
Base Career helps you apply smarter for this job.
?%
Ready to ScanKey skills for this role
Vulnerability AssessmentPenetration TestingSecurity Controls
About the Role
Changi Airport Group seeks a Cybersecurity Specialist to defend airport systems, applications, and infrastructure from cyberattacks. Responsibilities include vulnerability assessment, security control implementation, secure development practices, incident response, and staying current with threats.
Key Skills for This Role
Vulnerability AssessmentPenetration TestingSecurity ControlsIncident ResponseOWASP Top 10NIST
Responsibilities
- Assess cybersecurity aspects of design proposals for different systems, applications and infrastructure
- Source, manage and oversee external service providers for annual vulnerability assessment and penetration testing
- Recommend and apply suitable security measures based on industrial best practices and standards
- Contribute to development and maintenance of security policies, procedures, configurations and standards aligned with ISO 27001
- Integrate OWASP Top 10 recommendations throughout the software development lifecycle
- Work with developers to identify and fix security vulnerabilities in applications
- Review logs to detect malicious activity and data breach
- Coordinate with contractors, security vendors and internal teams to isolate incidents and implement mitigation
- Keep abreast of latest threats, vulnerabilities, mitigation techniques, and new technologies
- Work with security professionals and governance team to educate colleagues on security best practices
Requirements
- Good degree in Information Systems/Technology, Computer Engineering, Computer Science, Information and Communications Technology (ICT) or related field
- At least 5 years of relevant work experience managing contractors and designing cybersecurity solutions
- Solid knowledge of cybersecurity principles and best practices
- Experience in preparing tender specifications for vulnerability assessment, penetration testing, and creating SOPs for security incident response
- Proficiency in security tools, logs extraction methods and technologies
- CISSP, CISA, CISM, CompTIA Security+ or equivalent professional certifications preferred
Full Job Posting
About the Role
- Your role is essential for defending Changi's airport systems, infrastructure and digital assets from cyberattacks and data breaches.
Finding and reducing vulnerabilities
- To assess the cybersecurity aspects of the design proposals for different systems, applications and infrastructure.
- You will also source, manage and oversee the external service providers who will conduct annual vulnerability assessment and penetration testing to find and report any possible weaknesses that could be attacked by hackers and suggest potential remediation actions.
Applying security controls
- Based on industrial best practices, security standards and guidelines (e.g. OWASP Top 10, NIST, CIS), recommend and apply suitable security measures for compliance and to address vulnerabilities shared by security threat intel, etc.
- Contribute to the development and maintenance of security policies, procedures, configurations and standards aligned with ISO 27001, suitable for implementation by project teams and contractors.
- Join in internal audits and reviews to ensure the efficiency of the ISMS or security controls.
Secure Development Practices
- Integrate OWASP Top 10 recommendations throughout the software development lifecycle (SDLC), focusing on secure coding practices and secure design principles.
- Work with developers to identify and fix security vulnerabilities in applications.
Incident response and recovery
- Help to review logs to detect malicious activity and data breach.
- You will be in charge of coordinating with contractors, security vendors and internal CAG teams to devise the strategy to isolate an incident, threat, identify the root cause, and implement mitigation or recovery procedures.
Keeping up with changing threats
- The cybersecurity landscape is always evolving, so you will need to keep abreast of the latest threats, vulnerabilities, mitigation techniques, and new technologies.
- This may involve attending training courses, reading industry publications, and participating in conferences.
Working with others
- You will work closely with security professionals, and governance team to educate colleagues on security best practices and raising awareness of potential threats.
Qualifications
- Good degree in Information Systems/Technology, Computer Engineering, Computer Science, Information and Communications Technology (ICT) or related field.
- Preferably candidates with CISSP, CISA, CISM, CompTIA Security+ or equivalent professional certifications.
- Preferably candidates with a solid knowledge of cybersecurity principles and best practices, and ideally have at least 5 years of relevant work experience managing contractors and designing cybersecurity solutions to meet guidelines and standards.
- Experience in preparing tender specifications for vulnerability assessment, penetration testing, and creating SOPs for security incident response.
- Proficiency in security tools, logs extraction methods and technologies
- Has a curious mind to proactively detect potential cyber threats and develop measures to address them
- Excellent analytical and problem solving skills
- Strong communication and collaboration skills
- Ability to work independently and as part of a team
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career