POSITION DESCRIPTION & REQUIREMENTS:

United Overseas Insurance is seeking a highly skilled and motivated Cyber Engineer to join our dynamic team. This individual will be responsible for ensuring the security and resilience of our digital infrastructure. The ideal candidate will possess between 5 to 8 years of experience in the cybersecurity domain, with demonstrated expertise in advanced security technologies, best practices, and regulatory compliance.

KEY QUALIFICATIONS:

• Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience will also be considered.
• 5 to 8 years of hands-on experience in cybersecurity engineering roles, preferably within insurance, financial services, or other highly regulated industries.
• Strong technical knowledge of AD, Azure security, endpoint protection, and network security tools.
• Comprehensive understanding of EDR/MDR, DLP, PAM, SASE/ZTNA, and NDR concepts and tools.
• Experience conducting and coordinating vulnerability assessments and penetration testing.
• Familiarity with IT audit processes and regulatory compliance requirements (MAS TRM, ISO 27001, PCI DSS, or similar).
• Robust experience in patch management lifecycle across multiple operating systems.
• Proficiency in securing and managing Windows, Wintel, and Linux environments.
• Excellent analytical, problem-solving, and incident management skills.
• Strong written and verbal communication abilities, with the capability to produce clear IT audit reports and technical documentation.
• Relevant certifications (preferred): CISSP, CISM, Azure Security Engineer Associate, CEH, OSCP, or related credentials.

DESIRED SKILLS & ATTRIBUTES:

• Demonstrated ability to work collaboratively in cross-functional teams and lead security initiatives.
• Detail-oriented, with a focus on accuracy and thoroughness in documentation and reporting.
• Proactive approach to identifying and mitigating risks across the IT landscape.
• Adaptability to rapidly changing environments and evolving threat landscapes.
• Commitment to continuous learning and professional development in the cybersecurity field.
• Strong sense of ownership, accountability, and ethics.

• AD Security: Manage and secure Active Directory (AD) environments, including user access, group policies, and federation services. Conduct regular audits to identify and remediate vulnerabilities and misconfigurations. Implement least privilege principles and ensure compliance with organizational requirements.
• Azure Identity Security: Oversee the implementation and management of Azure Identity solutions such as Azure Active Directory, Multi-Factor Authentication (MFA), Conditional Access, and Privileged Identity Management (PIM). Design and enforce identity governance and protection strategies for hybrid and cloud environments.
• Endpoint Protection: Deploy, configure, and monitor endpoint security solutions (antivirus, anti-malware, host-based firewalls) across diverse platforms, including Windows, macOS, and Linux devices. Respond to and remediate endpoint security incidents, and ensure all endpoints are compliant with organizational policies.
• EDR/MDR: Implement and manage Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR) solutions. Continuously monitor for, detect, and respond to advanced threats and suspicious activities. Coordinate incident investigations and collaborate with external MDR partners as needed.
• Data Loss Protection (DLP): Develop, maintain, and enforce Data Loss Prevention (DLP) policies and controls. Monitor the movement of sensitive data across endpoints, cloud, email, and network channels. Investigate potential data exfiltration events and propose remediation measures.
• PAM: Design, implement, and support Privileged Access Management (PAM) solutions to secure, monitor, and control privileged accounts and credentials. Conduct regular reviews of privileged access rights and integrate PAM controls with identity governance frameworks.
• SASE/ZTNA: Plan, deploy, and maintain Secure Access Service Edge (SASE) and Zero Trust Network Access (ZTNA) architectures. Drive the adoption of secure, identity-based access to applications and resources, regardless of user location. Evaluate and integrate cloud-delivered security services such as SWG, CASB, and ZTNA proxies.
• NDR: Oversee Network Detection and Response (NDR) tools and practices. Monitor network traffic for anomalies and suspicious activity. Analyze alerts, coordinate incident response, and recommend network segmentation or other controls to contain threats.
• VAPT: Coordinate and conduct Vulnerability Assessment and Penetration Testing (VAPT) exercises. Analyze findings, prioritize remediation activities, and provide technical guidance to internal teams.
• IT Audit Reporting: Prepare and present detailed IT audit reports, findings, and recommendations to management and regulatory bodies. Collect evidence, interface with auditors, and drive remediation of audit deficiencies.
• Patch Management: Develop and manage patch management processes for operating systems, applications, and firmware across diverse environments. Ensure timely application of patches and monitor compliance with internal SLAs and external regulations.
• OS/Wintel/Linux: Administer, harden, and secure Windows, Wintel, and Linux-based systems. Apply security baselines, conduct system audits, and automate processes related to security configuration and monitoring.