Senior Cybersecurity System Engineer

ORGANISATION CONTEXT

The Airspace Mobility Solutions (AMS) business, part of the Global Business Unit Land and Air Systems, is providing leading edge Air Traffic Management (ATM), Unmanned Traffic Management (UTM), Security and Digital Aviation solutions for the Commercial and Defence sectors.

The AMS business manages 11% of the world's airspace and with revenues of over 500 million Euros worldwide, is the global market leader in airspace management solutions. In Singapore, the business focus is the delivery and support of two key ATM solutions including TopSKY-ATC(HE) and LORADS-III.

ROLE DESCRIPTION

The Senior Cybersecurity System Engineer leads the development, application and assessment of Security controls to AMS Systems, including Products, Projects for delivery to the customer and internal systems.

The Senior Cybersecurity System Engineer works under the supervision of the Project Security Manager (PSecM) and Squad Scrum Master.

RESPONSIBILITIES

. Lead where assigned, the design and development of solutions to meet customer requirements, whilst ensuring alignment with the ATM cybersecurity program

. Lead where assigned definition of solutions that deliver the best trade-offs between requirements, cost, schedule and risk to satisfy our customer needs

. Coordination with internal stakeholders, advising on security controls and processes / procedures

. Lead / Advise as assigned, the development and maintenance of relevant cybersecurity documentation such as:

o Statement of Applicability

o Security requirements and associated design

o Security Incident Response Plan

o System Security Plan

o Standard Security Operational Procedures

. Lead / Contribute to Engineering Change Proposals (ECPs) and Problem Change Requests (PCRs) as assigned

. Participate in and lead technical reviews and working groups as required

. Provide leadership and direction for the implementation and monitoring of security controls

. Direct periodic reviews of implemented security configurations in alignment with selected security framework(s)

. Direct the conduct of Vulnerability Assessments by the conduct of regular vulnerability scans and cyber security audits

. Direct and review the generation of Vulnerability reports with recommendation in project context - Relying on the PSIRT team.

. Lead security patch management

. Lead where assigned the integration and verification of security controls

. Lead where assigned the application and operation of procedural and technical security controls

. Contribute to cybersecurity test campaigns

. Contribute to Security risk assessments

. Deliver fundamental-level cyber security training in an accessible, easy-to-understand manner

. Promote knowledge sharing ensuring that work is captured sufficiently for re-use across projects

. Follow Thales processes and practises and contribute to their improvement

KNOWLEDGE, SKILLS & EXPERIENCE

Qualifications

. Degree in Engineering, Computer Science or related discipline majoring in Cybersecurity

. Postgraduate studies in Cybersecurity (Desirable)

Essential Experience

. 7+ years of proven experience in the Cybersecurity field

. Strong knowledge in Cybersecurity solutions (e.g. IAM, PAM, SIEM, EDR, Keys, Firewall)

. Strong knowledge in Cybersecurity engineering activities

. Knowledge of Systems Engineering Lifecycle and relevant standards eg. ISO/IEC15288

. Demonstrated ability to achieve effective outcomes in a multidiscipline, multi-culture environment

. A positive attitude combined with excellent interpersonal and motivational skills.

. Sound judgement and independent decision-making capability where necessary

Desirable:

. Industry qualifications, such as CISSP

. Experience in system hardening and hardening review based on CIS Benchmarks or DISA STIG frameworks.

. Knowledge of ISO 27001 foundational requirements.

Experience in country security regulations (e.g. CCOP and IM(ICT&SS) for Singapore)

. Experience in ATM Domain and related standards eg. ICAO, Eurocontrol , or safety critical systems.

. Experience in System Engineering tools eg. DOORs, Polarian, Jira

. Experience in vulnerability management and threat modeling

. Experience in working in a Scaled Agile Framework (SAFe)

GENERAL / SPECIAL REQUIREMENTS

. Leadership in ensuring a harmonious work environment in all departments that you are working with by upholding Thales key values.

. Be an advocate for diversity and inclusion who will be actively involved in implementing change initiatives to achieve our diversity goals

. Be an advocate for a culture of continuous improvement

. Be an advocate for Accountability, transparency and curiosity

. Comply with all relevant company Occupational Health, Safety and Environmental policies and framework and work practices with the intent of preventing or minimising accidental exposures to self, colleagues, visitors and/or the environment and to ensure a safe work practises at all times.

. Comply with all relevant Company policies and procedures.

SPECIAL REQUIREMENTS

. Occasional international travel may be required

. Singapore CAT2 Clearance may be required