Senior/ Cybersecurity Engineer

Our Company is continuously exploring and adopting innovative technologies to improve our productivity and increase our business competitiveness. The security of the Company’s IT resources is a critical component of our digital transformation which aims to transform the Company’s processes, to create a paperless, digital business environment and establish new business lines. The Cybersecurity Engineer plays an important role to protect the Company’s informational assets.

Roles & Responsibilities:

• Lead the implementation of Conditional Access Policies, MDM/MAM using Microsoft Intune.
• Ensure best practice and overall security posture are maintained. Identify cybersecurity vulnerabilities, propose mitigation measures and work on their implementation.
• Develop and maintain security hardening guidelines, provide technical support to the IT teams for the implementation of security controls.
• Coordinate with the IT teams to administer measures to prevent, manage and respond to cyber threats and incidents.
• Conduct Security Assessments, including assessment of networks infrastructure and business applications on premises, on AWS and Azure cloud. Conduct compliance tests, configuration validation, vulnerabilities scanning, etc.
• Review and update security documentations including risk assessment, IT security design and plan.
• Work closely with system administrators, IT teams and the system vendors, to ensure IT policies and procedures are implemented and complied with.
• Install, administer, and troubleshoot the Company’s security solutions.
• Explore leading cybersecurity products. Work with 3rd party security consultants and service providers to ensure all security aspects are covered. Operate security solutions such as SIEM, PAM, EDR, IDS/IPS and Web Application Firewall while ensuring compliance to regulatory standards and procedures.
• Review all SIEM daily summary reports and follow up with vendors on all critical/suspicious events.
• Conduct technical analysis and triage based on triggered alerts to determine the severity, impact, scope, and corresponding response actions.
• Manage cybersecurity incidents, including investigation and response.
• Front internal/external security audits and follow-ups, ensure all the audit issues have been resolved.

Requirements:

• Degree or diploma in Information Security, Computer Science, Computer Technology, or related discipline.
• A minimum of three-year-experience in managing Cyber Security Operation.
• Hands-on experience in a two or more of the key security domains such as: security operations (SIEM, EDR, vulnerability management), Cloud security, Data security, Identity and access management, and secure software development lifecycle
• Hands-on experience in Office 365 and Azure Security and Compliance is mandatory.
• Knowledge of networking and AWS/Azure Cloud Security practices and tools.
• Ability to multi-task and work efficiently under pressure and tight deadlines.
• AWS Certified Security, Azure Security Engineer Associate or equivalent certification is an advantage.