Lead Security Engineer

Key Responsibilities

• Acts as a team leader providing guidance to Security Engineering team and sets goals and assists the team in accomplishing those goals.
• Manage security architecture and provide consultancy to strengthen security design
• Coordinate with the team to manage security tools (IPS, SIEM, VA scan, DLP, AV, ATP)
• Coordinate with project manager to deliver security projects/initiatives and provide technical consultancy
• Coordinate with the vendor to perform maintenance and enhancement activities on security tools.
• Coordinate vulnerability/security posture assessment and track remediation for closure
• Coordinate with vendor to perform Penetration test and track the finding for closure
• Collate and provide evidence/submission requested by various party (risk management/auditor/regulator) to confirm the security policies, processes, guidelines, controls are followed/implemented accordingly

Requirements:

• A Bachelor's Degree in Computer Science, Engineering, Information Systems or its equivalent.
• Minimum 8-15 years of related working experience. Knowledge of IT security is essential. Industry certifications will be a plus e.g. CRISC, CISSP, CEH, CISM and CISA.
• Highly result oriented and can work independently. Must be a self-reliant team player who is comfortable with managing multiple tasks and responsibilities.
• Ability to build relationship and interact effectively with internal and external parties. Strong engagement skills with stakeholder i.e. business and technology, will be a plus.
• Good analytical, technical, written and verbal communication skills.
• Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards
• Technical expertise in one or more of the following
• Network Concepts and Security, Encryption/Authentication fundamentals, Access Management, Application Security, Platform (Windows. UNIX/Linux) Security, Database Security
• Hands-on experience in various security tools (e.g. SIEM, IPS, Firewall, Vulnerability scanner tools, APT , XDR , NDR and forensic tools)
• Familiar with security standards and best practice; regulatory requirement such as BNM RMIT, MAS, Paynet, PCI-DSS; Architecture and security of operating system.