Search by job, company or skills

progression search

Network Security Engineer

Fresher
Save
  • Posted 16 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

OVERVIEW

The L3 Security Engineer is an advanced operational and engineering role responsible for maintaining, optimizing, and defending the network security posture across Singapore public sector IT infrastructures. Serving as a core tier-3 escalation point, you will handle complex security incidents and technical requests within Government Commercial Cloud (GCC) and hybrid environments. This role demands an engineer who can apply deep analytical troubleshooting to maintain system uptime, enforce Zero Trust policies, and optimize routine operations through security automation.

Due to the mandatory security clearance requirements associated with sensitive Singapore Government systems, this position is open to Singapore Citizens only.

RESPONSIBILITIES

1. L3 Security Operations & Incident Management

  • Tier-3 Technical Escalation: Act as a senior escalation point to investigate, analyze, and resolve complex and critical network security incidents and failures within agreed SLAs.
  • Advanced Troubleshooting & Diagnostics: Systematically gather technical data and utilize advanced diagnostic practices and packet analysis tools (e.g., Wireshark, tcpdump) to run deep-dive root cause analyses.
  • Emergency Support: Act as a key technical contact for critical, high-impact security incidents to ensure the rapid restoration of client services.

2. Security Infrastructure & Defensive Architecture

  • Core Defense Management: Deploy, configure, and manage core network security components, including Next-Generation Firewalls (NGFW), IDS/IPS, Load Balancers, and Network Access Control (NAC) systems.
  • Cloud & Hybrid Security: Implement and maintain secure cloud networking patterns (e.g., AWS VPCs, Azure VNets, Transit Gateways) seamlessly integrated with on-premise solutions.
  • Policy Enforcement & Segmentation: Establish, tune, and enforce comprehensive security standards, firewall rulesets, and logical network segmentation zones (VLANs, VRFs, micro-segmentation).
  • Identity & Access Monitoring: Operate and manage Identity & Access Management and Privileged Access Security tools (e.g., CyberArk, Cisco ISE).

3. Automation, Governance & Compliance

  • Operational Automation: Partner with automation teams to identify routine tasks and develop basic scripting/playbooks in Python or Ansible for security configuration management and effort optimization.
  • Government Compliance: Ensure all operational tasks, ticket resolutions, and infrastructure modifications comply strictly with the Singapore Government Instruction Manual on IT (IT IM) and IMDA Security Guidelines.
  • Change Management: Author and execute detailed change requests for standard and non-standard maintenance (including security patching and disaster recovery tests), ensuring clear risk identification and rollback plans.
  • Knowledge Sharing & Mentorship: Create high-quality technical documentation (LLD), perform quality audits on tickets, and coach L1/L2 engineering teams to push technical knowledge down.

REQUIREMENTS

  • Bachelor's degree or equivalent qualification in IT, Cybersecurity, or Computer Science.
  • Seasoned experience operating in a technical L3 security engineering or network security capacity, preferably supporting public sector agencies, mission-critical infrastructure, or enterprise managed services.

Preferred Technical Certifications

  • Core Security: CCNP Security, PCNSE (Palo Alto), CISSP, or equivalent vendor-related certifications.
  • Advanced Networking: CCNP Enterprise or equivalent technical routing/switching validation.

Tooling & Technical Competencies

  • Firewalls & Edge Security: Expert-level hands-on management of Fortinet (FortiGate, FortiManager, FortiProxy) or Cisco security systems.
  • Identity & Access: Cisco ISE AAA Services, or Privileged Access platforms (e.g., CyberArk EPV/CPM/PSM).
  • Traffic & Optimization: F5 Load Balancers (LTM) and Web Application Firewalls (WAF).
  • Vulnerability & Logs: Tenable Security Centre/Nessus, and familiarity with SIEM logging analytics (Splunk or Microsoft Sentinel).
  • Automation & Analysis: Python, Ansible, Wireshark, or tcpdump.

Please note that only shortlisted candidate would be notified.

More Info

Job Type:
Industry:
Function:
Employment Type:

About Company

Job ID: 150599167

Similar Jobs

Singapore, Jurong East

Skills:

alcatel GtmFortinetWanCisco IpsWlanSolarwindsPalo AltoNetwork MonitoringIdsF5 LtmCisco IseLanCiscoA10 LTMCheckpointsDocumentationTroubleshootingAruba ClearpassCloud infrastructure solutionsAruba routers and switchesNetwork security solutions

Anson, Singapore

Skills:

VpnsTcp IpDnsIpsFirewallsroutingDHCPIso 27001IdsSiemPythonAWSPowerShellBashVlansNetwork MonitoringGcpAzureswitchingintrusion detection prevention systemscloud security conceptszero-trust security modelsnaccybersecurity frameworksnistcybersecurity best practices

Singapore

Skills:

url filtering packet capture IpsVLANHigh AvailabilityIdsFirewall AdministrationRoutingLog AnalysisAccess ControlBasic understanding of networking conceptsThreat PreventionSecurity policy creationSSL inspectionSession monitoringTraffic flowRule optimisationVPN technologiesZone based securityFamiliarity with Linux CLI environmentsCLI debuggingSwitchingZero TrustObject and service managementApp control

Singapore

Skills:

palo alto networks routingFortigateFortinetVpnVLANswitchingfirewall technologiesCheckpoint

Singapore

Skills:

.NETT-sqlApisSQL ServerRestful ServicesJsonSplunk