Senior/Security Engineer

Responsibilities:

• Deploy automation to improve cyber efficiencies and streamline the cyber security processes by consolidating and integrating the security controls to reduce the complexity of management and gain cost efficiencies. 
• Deploy artificial intelligence / machine learning capabilities in predictive cyber defense by building up threat intelligence capabilities with increased automation, adversary tracking and attribution and proactively discover, assess and mitigate risk early in digital business environment. 
• Lead in the analysis, assessment, development, and evaluation of security controls for systems that are deployed on cloud infrastructure and ability to provide visibility into security posture of assets deployed in the cloud with active monitoring and containment of threats.
• Propose and deliver new capabilities using Artificial Intelligence (AI) and Machine Learning (“ML”) technologies to support enhancements in zero trust security, web security, data leakage prevention, remote computing security, automated security assessment and testing, cloud security posture management and DevSecOps.
• Use security analytic tools to provide insightful metrics for management and operational reporting.
• Support cyber security projects or initiatives by participating in meetings, manage project-related paperwork and communicate with internal and external stakeholders to identify security controls requirements during systems implementation. 
• Evaluate emerging cyber security technology products and translate it to feasible solutions to strengthen cyber security defense of the organisation. 
• Work with lines of business, vendors, IT application and infrastructure teams during the software development life cycle to ensure compliance to security architecture, information security policies, standards and guidelines.
• Take ownership of projects with domain specialization and play the role of the project manager adhering to Income’s procurement and project management frameworks to deliver the projects timely.  
• Transition the project into operation and work cooperatively with various IT infrastructure team, applications and business units for the effective operations of the security solution.

Requirements:

• Bachelor's Degree with more than 5 years of experience in technology, information or cyber risk management, information security or enterprise architecture
• Minimum of two years direct information security experience in a security engineer, architect, consultant or a similar role
• CISSP, CCSP, CISM, TOGAF certified is preferred
• PMP certified is an advantage
• Basic structured programming or scripting skills as C, Java, Python, Javascript, Powershell
• Strong background in security architecture or engineering, including a deep knowledge of endpoint protection, system security, network security, cloud security, data leakage prevention, security monitoring and incident response
• Good understanding of major cloud service providers’ products and solutions, capabilities and limitations
• Good knowledge of cyber security tools and solutions with AI and ML capabilities
• Good written skills and able to effectively communicate security and risk-related concepts to technical and non-technical audiences.