Engineer, Network & Applications Security Engineering

Create your future with Affin! You too can make a difference.

Join us at AFFIN, where open minds meet and be inspired by a shared commitment to great work. Here, you don’t just stay at the forefront of the industry – you can make a difference too.

The Network & Application Security Solution & Engineer will leverage his/her development, security, and architecture experience to mitigate risk and enable security controls for both application and network environments using innovative solutions. The person is responsible for solutioning and engineering for application and network environment related deployments, ensuring the flexibility of solution integration to cover on-premises infrastructure and Cloud without high overhead.

• Lead in the research, analysis, design, testing, and implementation of complex computer network security/protection technologies for the Bank’s IT application and network environments.
• Design, implement, maintain, and optimize robust, scalable, highly automated, and secure technical solutions in support of the Bank’s IT application and network environments.
• Create scripts, employ tools, develop automation techniques, and pursue ideas to increase manageability, efficiency, compliance, capability, capacity, and security of devices.
• Create comprehensive engineering documentation including functional requirements, design proposals, network diagrams, workflow diagrams, application communications diagrams, configuration documents, support documentation, training materials, and project documents.
• Ensure that security is embedded in the design and development process, from testing to deployment in the cloud, and strategically guard against existing or emerging threats.
• Develop automation and supporting infrastructure to enable increased agility and consumption of cloud resources, including creating and maintaining build scripts, templates, and other artifacts for the security stack.
• Serve as an escalation point for troubleshooting complex security-related challenges.
• Assess business processes, technology, and information systems at various levels to understand risk posture, apply critical thinking, determine security models, and co-design systems with enterprise architecture.

• Proven track record supporting information security tools and processes such as patch management, SIEM, UBA, Web Application Security testing, SSO, Email Security Gateways, malware management, web filtering, firewalls, proxies, APT analysis, IDS/IPS, DLP, HIDS/HIPS, network access control, threat and vulnerability management.
• Understanding and practical experience with internal certificate authorities, Microsoft DNS, Active Directory design/architecture and security, data loss/leak prevention, and multifactor authentication.
• Knowledge of network design, encryption/PKI, mobile security, network security technologies, vulnerability management, wireless security, and mobile device management.
• Knowledge of encryption algorithms, secure communications, SSL, PKI.
• Experience with Cloud Security and networking (Azure, AWS).
• Broad understanding of emerging technologies, trends, and their applicability.
• Ability to define effective information security standards tailored to specific environments.