Job Description

Date Posted: 2021-09-30-07:00

Country: Singapore

Location: 39 Changi North Crescent, Singapore

Position Title:

Senior Application Engineer Engineer

Position Grade:

P3/ P4

Department:

Innovation Hub Singapore

Review by

Bonar Asido Sihombing

Job Summary

(Description of general

purpose of the job)

We are looking for an Application Cyber Security Analyst/ Engineer with some Network Engineering background to be part of Collins Singapore Innovation Hub team. The resource will work with digital and automation solution development team, to assess the security aspect of the IT and OT solution within the organization\xe2\x80\x99s Industry 4.0 digital solution ecosystem, explore, research and recommend secure design and mitigation steps, as well as support solution proof of concept, piloting and implementation of new technology.

Roles and

Responsibilities

(Essential roles, responsibilities an d activities a candidate can expect to assume in this

position)

• Works with application development team, business unit process experts, and outsource technology partner to design and secure IT/OT solutions.
• Develop functional, interface and technical specifications for software and hardware for security assessment.
• Drive DevSec platform and practices for Digital Innovation Hub team such as version control system, static and dynamic code scanning.
• Responsible for application security test solutions such as vulnerability assessment and penetration testing,
• Support development team and Corporate network team assessment around application security monitoring with tools such as IDS/IPS, firewall, EDR, SIEM, SOAR, Threat Intelligence platform etc.
• Contribute to architecturally significant requirements and technical risk area identification.
• Support testing for products system integration, to ensure security compliance.
• Serve in a design quality role (systems) helping to assure that development teams observe Secure Software Development practices.
• Ensure the ongoing management of a Secure Software Development Life Cycle to ensure on time delivery of application sprints with security compliance and best practices.
• Keep updated about the latest threat, IT security technology and adherence guidelines and reflect existing and coming security solutions.

Competencies

(Essential competencies

required for this position)

Selection at least 3 and max 5 Rank by importance (1 being most important)

Type of Competencies

Rank

Adaptability 2

Analytical Skills 4

Business Judgment

Communication 3

Customer Focus

Developing Talent

Focus on Results 1

Forward Thinking

Listening

Strategic Leadership

Teamwork

Dimension and

Scope

(Describe how the

position fits into the organization as a whole as well as the level of

accountability)

Supervisory responsibility: (if any)

No

Budgetary Responsibility: Yes / No Yes

Other financial metrics impacted by this position (eg. Revenue, bookings, etc) No

Qualification and

Education

Requirements

(Education and Work experience that a candidate should have when applying for position)

Minimum Education required (specific field or equivalent):

• Degree in Computer Science/ Computer Engineering/Information technology.
• A passion for ongoing management of a Secure Software Development Life Cycle

Minimum years of experience in role:

• Experience on Secure Software Development, secure code quality control, and application and system integration vulnerability assessment.
• Experience with Application Development and Software Assurance in a highly regulated industry
• Technical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferred
• Strong understanding in cybersecurity risks and controls, vulnerability assessment, endpoint security solutions, managed security service, cloud security.
• Experience with different cyber security controls and solutions, e.g. Identity and access management, network security, endpoint security, application security, IDPS, deep packet inspection, SIEM, data analytics, security and/or risk management, SOC and NOC are strongly preferred
• Good knowledge in one or multiple areas such as Windows, UNIX, mid-range, firewalls, intrusion detection, threat detection analysis, and/or information risk management.
• Knowledge of local and global compliance standards and guideline (e.g. PDPA, PCI, SOX, HIPAA, NIST, MITRE ATT&CK, OWASP).
• Good knowledge of performing routing protocols (MPLS, HAIPE/IP, QOS and WAN).
• Good knowledge of performing secure configuration on network assets, e.g. Firewall, Gateway devices, Switches, NAT, Domain controller, encryption certificate, etc.
• Strategic security certifications (e.g. CISSP, CISM) is desirable
• Independent thinking, willingness to \\"step outside the box\\" and take reasonable, calculated risks.
• Passionate and lean towards Innovation, exploration of new way of reducing new technology security risk to the minimum.
• Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources.
• Experience with working on global teams across time zones, cultures and languages.

Preferred Skills (if any):

• Demonstrated Excellent level of analytical ability, communication and interpersonal skills required to build relationships with team members to solve problems and resolve issues.
• Experience on Secure Software Development, secure code quality control, and application and system integration vulnerability assessment.
• Experience with Application Development and Software Assurance in a highly regulated industry
• Technical background in the areas of Enterprise IT and industrial control systems, process control networks, SCADA or other industrial automation is important and preferred

General role in supporting ACE, EH&S, Ethics &

Compliance and

Quality initiatives

ACE:

• Support the Continuous Improvement programs and ACE activities within the company
• Minimum ACE Associate certification under ACP

EH&S:

• Support and participate in the EH&S programs and activities within the company
• Report all incidents (injuries, illnesses, near misses, spills etc), hazardous conditions, and emergencies to his/her supervisor
• Responsible for performing a risk assessment of work activities, taking corrective and preventive actions
• Comply with EH&S regulations/policies/programs/rules and use Personal Protective Equipment (PPE)
• Participate in audits and inspections as and when required
• Attend EH&S training programs and takes personal responsibility for safety

Ethics & Compliance:

• Understand and carry out work performance in compliance with the UTC Code of Ethics, its Supplements and governing policies and the International Trade Policies and Procedures

Quality:

• Provide a quality product/service that satisfies our customers\xe2\x80\x99 needs and expectations the first time, every time
• Emphasize a total quality management process which provides accuracy, and strict compliance with agency regulations and customer requirements, giving the highest degree of confidence; understanding that meeting the requirements of the next employee in the work flow process is just as important as meeting the needs of external customer.

Others

This job description is not necessarily a complete list of all job functions, requirements or working conditions. The Company reserves the right to modify essential job functions, job roles & responsibilities and job qualification at any time.

Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this to read the Policy and Terms

Raytheon Technologies