Vulnerability Management Analyst
Date: 11-Jan-2023
Location: Singapore, Singapore
Company: Singtel Group
NCS is a leading technology services firm with presence in Asia Pacific and partners with governments and enterprises to advance communities through technology. Combining the experience and expertise of its 10,000-strong team across 49 specialisations, NCS provides differentiated and end-to-end technology services to clients with its NEXT capabilities of digital, cloud, platforms as well as core offerings in application, infrastructure, engineering and cyber security. NCS also believes in building a strong partner eco-system with leading technology players, research institutions and start-ups to support open innovation and co-creation. For more information, visit ncs.co.
We are committed to a safe and healthy environment for our employees & customers and will require all prospective employees to be fully vaccinated.
As Vulnerability Management Analyst, the broad area of your job responsibilities will cover the following:
- Perform core cyber-security operation functions such as security monitoring, vulnerability management and attack surface management
- Monitor and perform deeper analysis, trending, and root cause analysis of security events from SIEM, whilst creating process and procedures where none are already established
- Perform Attack Surface assessments using a combination of threat modelling, vulnerability research, code scanning, control efficiency testing and recommendation of proper remediation actions
- Support a continuous vulnerability scanning and reporting program encompassing a vast network of internal and public-facing IT assets across multiple platforms and architectures
- Experience in discovery of vulnerabilities, prioritization of data and vulnerabilities, remediation of vulnerabilities, and verification through risk-based analysis of findings
- Able to provide after-hours support on an on-demand basis
Ideal candidate should possess the following:
- Degree/Diploma in Computer Science, Infocomms Security or related discipline
- Security certification is preferred, such as GIAC Certified Incident Handler (GCIH), Tenable Specialist or Nessus Fundamentals
- At least 3 years of experience in cyber security operations
- Strong knowledge of various automated security control systems, vulnerability assessment, threat intelligence intrusion detection, penetration testing and incident response
- Experience in responding to security events, including front-line analysis and escalation, on hacktivist, cybercrime, and APT activity
- Strong analytical, problem solving, communications and interpersonal skills
- Ability to work independently and with minimal supervision on assignments