IT Infrastructure Engineer
About the job
We are partnering with a Fortune Global 500 insurance company to hire an “IT Infrastructure Security Engineer”.
Job Scope:
- Support day-to-day IT Infrastructure security (Cloud Azure and AWS, on-premise) administration in accordance with the established insurance company security framework, requests and requirements
- Responsible for implementing infrastructure security controls, baselines, remediation, patching and hardening, and for closing security findings
- Responsible for assessing business and operational impact for security remediation activities before implementing any changes to the IT Infrastructure environment
- Responsible for raising an IT deviation ticket for security findings that cannot be remediated
Job Responsibility
Cloud Infrastructure Azure and AWS cloud security posture management
- Continually assess Azure and AWS cloud resources for security issues, then aggregate all the findings and prioritize the response and remediation efforts
- Implement Azure and AWS cloud hardening according to Azure, AWS and CIS benchmarks, and the company security framework
- To improve the Azure Defender score and AWS security score by continually strengthening the security posture
Technology proficiency and tools:
- Azure Defender for Cloud
- AWS Security Hub
- Horangi for Azure and AWS cloud compliance tool
Infrastructure security patch management
- To apply infrastructure-layer patches, such as Wintel and Linux operating system patches and endpoint Win10 and Win11 patches.
- Monitor and review the patching posture of the entire IT Infrastructure
Technology proficiency and tools:
- Red Hat and CentOS Linux
- Windows Server 2012, 2016 and 2019
- Windows 10 and Windows 11
- Hyper-V and VMware
- HCL BigFix endpoint management
Infrastructure security vulnerability management
- To remediate IT Infrastructure vulnerabilities according to severity based on internal risk assessment.
- Implement corrective actions for findings from Azure Defender, AWS Security Hub and vulnerability assessment tools such as Rapid7 Nexpose and Nessus Tenable
Technology proficiency and tools:
- Vulnerability remediation
- Darktrace OT security
- Armis IT Asset discovery and security platform
- SentinelOne security antivirus EDR
IAM (Identity and access management) cloud access and perimeter control
- To perform Azure Active Directory administration by creating and fine-tuning access control policies, whitelisting and blacklisting based on operational and security requests
- To perform email filtering administration, including spam and phishing analysis and investigation
Technology proficiency and tools:
- Azure AD
- M365 Defender
- M365 Exchange Online
- Checkpoint Avanan email security
IT asset onboarding into SIEM (Security Information and Event Management)
- To continually onboard all IT assets into the SIEM security dashboard
- To address the gaps for assets that were not discovered by the SIEM
Technology proficiency and tools:
- ArcSight SIEM, Proficio MSSP
- Armis IT asset discovery and security visibility tool
Coordination and collaboration with IT security peers on security topics
- To act as a focal point, working hand in hand with the IT security officer, security manager and security support on analysis and investigation of SIEM events
- Participate in IT Infra and operations meetings as a subject matter expert in IT Infrastructure security
- Attend the weekly IT security meeting and reply to ad hoc IT security queries
Qualifications
- Communication and interpersonal skills with a good bilingual command of English and Mandarin
- Knowledge of Red Hat and CentOS Linux will be an advantage
- Knowledge of Azure Defender Cloud and AWS cloud security will be an advantage
- Knowledge of compliance with MAS TRM, MAS Cyber Hygiene and MAS regulatory notices.
- Knowledge of IT infrastructure vulnerability management will be an advantage
- Knowledge of endpoint management tools such as BigFix, SCCM and VMware Workspace will be an advantage