Cybersecurity Engineer (IT Security Operations)

Assurity Trusted Solutions Job Post

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a trusted partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures.

Responsibilities:

• As part of the team, you will develop and maintain cybersecurity standards, procedures, configurations or rulesets for the systems and services.
• For validation of security procedures, you will conduct security exercises which may include table-top or simulation exercises.
• Participate in security incident response that includes understanding alerts, coordination with various system or service operators, identifying potential threats and performing basic triaging prior to escalation to next level security responder.
• Coordinate in Indicators-Of-Compromise (IOC) scanning, collating the reports from various system operators with consolidated update to the stakeholders.
• Perform vulnerability assessment using automated and manual tools with recommendation for actionable remediation controls. Understand the published vulnerabilities with their respective security patches with context to the deployed system and perform risk assessment onto them.
• Monitor and notify security patches releases for the various products. Involve in the security patch assessment rating based on standards like Common Vulnerability Scoring System (CVSS) as well as with the context of the deployed environment.
• Engage with stakeholders with presentation or reporting on the vulnerability scanning results, security testing results, security incident or security posture of the systems.