Summary of Job Responsibilities

This position would be best suited for an experienced IT Security Operations Engineer who is able to lead and manage security configuration best practices, patch management, drive the security and vulnerability remediation. Keep the security compliance according to corporate requirements.

Key Primary Responsibilities

• Understand the corporate Risk Management Approach towards IT security. 1^st line of defense on proactive discovery to address security, 2^nd line of Defense to identifies security risks and response to 3^rd line of defense to implement governance of security risk posture.
• Working with a team of IT Security engineers to address and respond to security configuration management, patch management, certificate management, firmware level updates, Firewall Rules Management and End Point Security Agent Management.
• Monitor and analyze security events and incidents within the organization’s IT infrastructure.
• Implement and manage security tools and technologies, such as Rapid 7, Security information and event management and servers and endpoint SCCM patch management.
• Implement tools and technologies that can track and manage firmware and certificates updates proactively. Automate the process to minimize human intervention.
• Develop guidelines of hardening for security configuration on Desktop, Servers, and Network Devices. Implement tooling to proactively detect misconfigurations, track, and management security configurations.
• Implement and prioritize firewall rules that are out of variance with the firewall standards. Implement and manage firewall rules tooling and develop strict policies to govern firewall rules implementation.
• Develop and maintain security policies, procedures, and guidelines to ensure compliance with industry standards and regulations.
• Collaborate with other IT teams to identify and remediate security vulnerabilities in systems, applications, servers, endpoint, and network infrastructure.
• Work with cybersecurity team to conduct security assessments and penetration to identify weaknesses and recommend improvements.
• Provide guidance and support to other IT teams on security best practices, steps and procedures to remediate.
• Participate in incident response activities, including working with cybersecurity team to coordinate with internal stakeholders and external partners as necessary.
• Stay informed about emerging security threats, vulnerabilities, and security technologies through continuous learning and professional development.

Security/Compliant:

• Perform continuous vulnerability assessment to ensure a secure operation environment and remediation are carried out timely to close any finding.
• Ensure security setup for system and user access are validated with minimal rights, access being granted according to validated design and documentation with clear ownership of profile/ID. 

JOB REQUIREMENTS

Education & Certification

• Bachelor’s degree in computer science, Information Security, or a related field (or equivalent work experience)
• Minimum 8 years hands-on experience in an IT Security Operations environment
• Solid understanding of network protocols, operating systems, and IT Infrastructure components.
• Experience with security technologies such as firewalls, SCCM, Rapid 7, SIEM, Antivirus, Certificate, and encryption.
• Familiarity with industry standards and regulations (e.g. PCI DSS) and their implications for IT Security.
• Strong analytical and problem-solving skills, with the ability to investigate and resolve security vulnerabilities effectively.
• Excellent communication skills, both written and verbal, with the ability to convey technical information to non-technical stakeholders.
• Relevant certifications such as CISSP, CISM and CompTIA Security as preferred.
• Experience with scripting language (e.g. Python PowerShell) for automation and tool development will be preferred.
• Knowledge of cloud computing platforms and security considerations (e.g. Azure) is a plus.
• Ability to work independently and collaboratively in a fast-paced environment, with a strong commitment to maintaining the confidentiality, integrity, and availability of information assets.
• Experience in Service-Now, ITIL and processes in Service Request, Incident, problem and change management.
• Enthusiastic and must have a strong desire to learn is important for this role.
• Knowledge of and experience in Security configurations, Patch Management, Certification Management, Firmware level updates, Firewall rules management and Endpoint security agent management is a plus.

Marina Bay Sands is committed to building a diverse, equitable and inclusive workforce, providing equal opportunities as we grow our talent base to match our growth ambitions in Singapore. Our employees are committed to adhere to and abide by all rules, regulations, policies and procedures, including the rules of conduct and business ethics of the Company.