Infrastructure Security Engineer
CORE PROFILE
The primary objective of Information Security Specialist is to build the mindset that "security is everyone’s responsibility" with the goal of safely distributing security decisions at speed and scale to Technology Group without sacrificing the safety required. We secure our systems, platforms, services, and infrastructure, so our customers are also safe.
The role is responsible for providing technical expertise to several security domains and layers. We implement a multi-layered strategy in protecting our information, people, processes, and technologies. Every part of our ecosystem – our perimeter, network, endpoint, application, and data – is ensured to have defense in breadth and depth.
NATURE OF WORK
- Help in managing the multi-layered security architecture of the enterprise - perimeter, network, endpoint, application, data
- Protect our cloud journey and build robust security infrastructure.
- Provide technical security expertise to Infrastructure Security Group and ensure that security, compliance, and privacy are considered at the earliest stages of product development to prevent expensive product delivery mistakes.
- Ensure security controls are executed according to the infrastructure security architecture roadmap and other future plan.
- Work with IT and all relevant business stakeholders in addressing security incidents, breaches and different cyber threats reported by the security operations team.
- Perform periodic activities such as vulnerability management and other security assessment
- Perform 3rd party integration assessment related to infrastructure security
- Provide support to the Office of the CISO for any technical security and audit requirements.
DISPLAYED SKILL MASTERY
Technical Skills
- Cloud Security (AWS, Azure, GCP)
- Serverless, Kubernetes, Docker
- Project Management
- Knowledge in securing perimeter, network, endpoint, application, and data layers
- Vulnerability Management
- Identity Access Management / User Access Management / Privilege Access Management
- Endpoint management
- System Administration
- Knowledge in Network Security
Soft Skills
- Problem solving and analytical thinking.
- Agility, flexibility, and adaptability
- Strong Team Player
- Good communication and Collaboration
- Must be organized.
- Ability to work well independently and in a team setting.
REQUIRED QUALIFICATIONS
Required Qualifications
- Graduate of Computer Engineering, Computer Science, Information Technology or other relevant science, technical and engineering courses
- At least 4 years relevant information security working experience
- Understanding of IT Security Risk, Audit and information security principles
- Understanding of security standards and practices (e.g. CIS, ISO27001, Data Privacy Act, PCIDSS, BSP ) .
- Good understanding in the following areas: Platform Security, Data Security, Network Security, Security Assessment Tools, Security Monitoring Tools.
- Relevant experience in any of the following : Identity Access Management (Sailpoint) , DLP (Proofpoint) PAM (Privilege Access Management) , Cloud security posture management ,Security Incident Response handling is a plus.
- Platform and Security Certifications such as below is desirable.
- AWS Certified Solutions Architect – Professional
- AWS Certified Solutions Architect – Associate
- AWS Certified Security Specialty
- CompTIA Security +