Network Security Engineer

Sopra Steria is a listed European tech leader specializing in Consulting, Digital Services, and Software. With 60,000 employees worldwide across Europe, North America and Asia, Singapore serves as the HQ for our APAC operations. We focus on delivering Infrastructure, Cloud and Cybersecurity services across the region.

We are looking for a L2 Network Security Engineer to assist one of our key client.

Description:

Join our team as a Network Security Engineer, where you’ll safeguard enterprise infrastructure, strengthen cyber resilience, and operate cutting-edge security platforms in a mission-critical environment

Responsibilities

• Preventive Maintenance for Network & Security Equipment
• Perform quarterly preventive maintenance (PM) for Network & Security Equipment
• Update and submit checklist after PM

VAPT Support

• Conduct Vulnerability assessment using Nessus
• Validate scan completion and analyse findings
• Perform remediation planning and coordination

Security Hardening and Configuration Review

• Remediation validation
• Reporting & Documentation for VAPT

Quarterly Compliance Check

• Conduct vulnerability assessment on the systems across all sites using Nessus
• Perform remediation planning and coordination with Level 2 engineers

IM8 Governance Compliance

• Ensure day-to-day operations comply with IM8 ICT Security Standards
• Support security assessments with Authority
• Maintain audit-ready documentation
• Support IM8 policy enforcement example patching SLAs

Firewall Operations

• Manage policies, and troubleshoot traffic issues
• Support IPS/Threats modules
• Support logs extraction
• Perform firmware updates, patches, security fixes and vulnerability remediation
• Maintain up-to-date configurations

Hardware Security Module

• Monitor HSM health and readiness
• Understand and able HSM to support cryptographic operations under strict governance and dual control
• Review and maintain HSM logs
• Manage HSM key management operation
• Perform firmware updates, patches, security fixes and vulnerability remediation

SIEM Monitoring

• Configure SIEM to show high severity events as alerts on the dashboard
• Identify unusual patterns, anomalies, and suspicious events in the logs
• Ensure all critical systems send security logs to the SIEM
• Tuning and optimization of SIEM rules
• Develop and maintain / optimize dashboard for real-time display of alerts
• Perform firmware updates, patches, security fixes and vulnerability remediation

Aruba Clearpass Monitoring

• Manage and maintain ClearPass Access Control policies
• Integrate Aruba Clearpass with Network infrastructure
• Maintain up-to-date configurations
• Perform firmware updates, patches, security fixes and vulnerability remediation

Samsung Knox MDM

Onboard new devices into Samsung Knox
Configure and maintain MDM policies
Manage approved application via Knox
Monitor device compliance dashboard
Manage deployment of certificates and rotation of certificates on the mobile devices
Maintain accurate record of mobile device lifecycle management
Perform application patches, security fixes and vulnerability remediation
Maintain up-to-date configurations
Incident & Problem Management
Resolve P1/P2 issues within SLA
Perform resolution and communications
Perform root cause analysis and recommend permanent fixes
Escalate unresolved issues that required software coding to Level 3 or engineering teams
Ensure proper closure of incident and problem

Change Management

• Perform operational impact assessment
• Present change in Change Advisory Board
• Pre-Change Preparation such as review Change Request and Release Plan
• Documentation update in the knowledge base
• Post change review and feedback

Patch Management

• Perform patch management readiness
• Stakeholder coordination and team coordination

System Readiness and Post-Patch Validation

• Documentation update and knowledge transfer
• Compliance and audit readiness

Documentation and Compliance

Operational documentation. SOPs, Incident response checklist, RCA, PIR, monitoring and alert guidebook
Configuration & Infrastructure Documentation. System configuration baseline, application dependency maps, environment inventories such as hosts, services, accounts
Knowledge Base Articles for level 2 enablement and faster resolution e.g. Known Errors and Fixes, Frequent How-To Guides, Script Repositories, Lessons Learned
Maintain application documentation

Knowledge Management

Configuration Management

• Perform validation and accuracy of configurations
• Maintain readiness of operational documentation
• Perform audit to confirm compliance of configurations
• CMDB asset verification
• Change-linked configuration tracking
• Ensure environment consistency between DEV – IVVQ – ISO-PROD – UAT and PROD

Testing and Verification

• Ensure operational readiness testing before production deployment rollout
• Ensure post-change verification coordination
• Perform regression and sanity test following patching or upgrades, in UAT and PROD
• Participation in user acceptance testing

Knowledge Management

Documentation of resolution

Knowledge Base Contribution

Validation of knowledge

Subject Matter Expertise Sharing

Root Cause Analysis

Gather logs, system metrics at the time of failure
Reproduction of issues in a controlled environment to understand the conditions under which it occurs
Determine the scope and severity in terms of the systems affected, downtime duration and business impact
Narrow down the possible sources of causing the failure
Use of diagnostic tools such to analyse the application behaviour
Correlation of events to sequence the chain of events leading up to the failure and identify the dependencies

Requirements

Diploma / Bachelor Degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a closely related discipline
At least 2-5 years in Level 2 support for mission critical 24x7 production support, preferably in public sector
Proven experience in handling P1/P2 incidents, managing post-incident reviews (PIRs) and root cause analysis
Preferably certification in Check Point / Palo Alto firewall, Cisco CCNA, Aruba, LogRhythm Analyst
Strong understanding of IM8 compliance reporting, audit evidence and configuration traceability

Work Schedule

• Require rotational on-call duty support
• Available for graveyard hours change request deployment as schedule

Benefits

• Regular team buildings
• 18 leave days / year

Insurance: GP, Hospitalisation, Dental and Optical

Annual bonus

Training and certifications paths

Visit website

Sopra Steria, a European Tech leader recognized for its consulting, digital services and software development, helps its clients drive their digital transformation to obtain tangible and sustainable benefits. It provides end-to-end solutions to make large companies and organizations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a fully collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to making the most of digital technology to build a positive future for its clients.

With 47,000 employees in nearly 30 countries, the Group generated revenue of €4.7 billion in 2021.