Manager, Information Security Architecture - DFS5218232 in Singapore at DFS

Date Posted: 6/28/2019

Job Snapshot

Job Description

As DFS continues its Digital Transformation Journey, we are looking for a high caliber Security Engineer. This role plays an integral part in the development and implementation of information security tools & process across enterprise, focusing on security engineering and providing technical consulting to mitigate risks related to confidentiality, integrity & availability of DFS information assets. Initially the person will focus on security in SAP system. Subsequently, the work areas may involve infrastructure & application security, Merchandising system and other DFS applications.

Key Responsibilities:
- Identify and define system security requirements in SAP-related systems including SAP Hana, SAP FICO, logistics, etc. - Participate in projects involving Information systems and provide sound technical advice to ensure DFS Security by Design principles are adhered to. Ensure all identified information security risks are mitigated and requisite information security controls are implemented through project lifecycle. - Design computer security architecture and develop detailed cyber security designs - Prepare and document security standard operating procedures and protocols - Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement - Coordinate and execute Information Security initiatives in line with the DFS security roadmap - Collaborate with wider DFS Technology team to ensure all systems implemented are engineered inline with and comply to DFS Information Security Policies and adhere to industry best practices. - Conduct research to evaluate new emerging technologies and maintain up-to-date understanding of the latest threats, vulnerabilities, mitigation, industry best practices, regulations. - Perform proof-of-concept and assess security tools/approach to mitigate system risks - Report on Security KPIs as related to projects and track security requirements provided and status of completion. - Other duties as assigned.

Key Requirements:
- Bachelor of higher degree in Computer Science, MIS or related fields - 8 – 10 plus years of progressive experience in computing and information security - Experience in SAP and SAP security (SAP GRC, SAP Hana, SAP Basis, ABAP, etc.) - Experience should include security engineering, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. CISSP, GIAC, CEH or other security certifications essential. - Hand on experience with security technologies such as NGFW, WAF, SIEM, Endpoint Security, Secure Web Gateway, Identity and Access Management (IAM), DLP, Cloud Access Security Broker (CASB) etc., - Knowledge of industry best practices on Secure Software Development Life Cycle (SSDLC) such as OWASP etc., - Experience with information security and risk management frameworks and standards such as ISO 27001, COBIT, ITIL etc., - Extensive knowledge of Payment Card Industry Data Security Standard (PCI DSS) - Experience in working with high performance teams and understand the dynamics of teamwork in an international Security Operations Centre (SOC) environment