Senior Engineer - Security Engineering

Senior Engineer - Security Engineering

• Permanent role
• Reports to Senior Group Manager - Security Engineering
• Central work location

Our Client

• A multinational insurance company

The Opportunity

You will be responsible for security engineering - developing, executing and tracking the performance of security projects covering the in-scope security technologies. The objective is to identify, develop, define and document system security requirements of each respective tool/system and in compliance with group security policies and standards. You are expected to collaborate closely with other domains within the security function to support multiple lines of business units located across Asia, Africa and UK.

Job Responsibilities:

• Be part of the security engineering function, including the engineering for build, design and implementation of in-scope security technologies.
• Plan, develop, implement, and enhance the different security technologies aligned to organization's information security strategy.
• Work alongside with a team of security professionals responsible for endpoint protection, data loss prevention, email security, network security, vulnerability scanning, encryption and key management.
• Configure, troubleshoot and deploy security related infrastructure, software and hardware to cover on-premise, cloud-hosted, cloud-native and SaaS platforms.
• Call for RFP/RFI and perform solution evaluation based on the capabilities and functionalities which meet organization environment and requirements.
• Assists with proof of concept (PoC), technical evaluation, procuring, managing, and configuring security technologies in various environments.
• Drive security projects to closure while fulfilling project scope, timeline, and cost.
• Analyse security systems and seek improvements on a continuous basis such as engineering automation, environmental integrations, customised features.
• Stay updated with the latest security threats, vulnerabilities, and industry trends to proactively mitigate risks and enhance our security posture.
• Perform risk assessments and develop contingency plans to address potential security incidents and business continuity issues.
• Serve as a subject matter expert for in-scope security technologies, providing technical guidance and recommendations to stakeholders across the organization.
• Follow through for each security product escalation to address gaps or defects and work with require parties to implement workarounds and resolutions.
• Conduct knowledge sharing and transfer in the operational knowledge and expertise in managing each respective security technologies to ensure security business continuity availability.
• Collaborate with cross-functional teams within technology to align on balanced risk management in security technologies throughout the organization.

Your Background

Core Competences Required:

• Possess implementation experience in at least one of security domains - endpoint protection, data loss prevention, email security, network security, security baseline, encryption and key management.
• Possess strong end-to-end ownership in different security domains to drive closure of projects.
• Familiarity in deployment e.g. SCCM, IAC, terraform and ansible coding.
• Proficiency in one or more scripting language (Perl, Python, Shell Scripting etc.)
• Possess strong level of understanding on technology concepts in servers, endpoint, database, networking, application, middleware and cloud.
• Experience in dealing and managing stakeholder expectation from business teams, technical teams, and operations teams.
• Excellent problem-solving and analytical skills, excellent critical thinking and troubleshooting skills.

Education and Experience:

• Bachelor's Degree in Information Security, Computing Engineering or equivalent.
• At least 7 years of working experience in handling security engineering in large organizations.
• Prior experience in working in a global/regional exposure is desirable, with prior experience in financial service and/or tech industry is a bonus.
• Experience in working at least one cloud service provider (AWS, Azure, GCP, etc.)
• Relevant Information Security certification(s) preferred, such as CISSP, CCSP, CISM, Comptia Security+ are advantageous.
• Required written and verbal communication skills in English.
• Ability to work independently and in a team environment.