It Security Engineer Jobs

Job Requirement

• Preferably Staff (non-management & non-supervisor) specialized in IT/Computer - Software or equivalent.
• Expertise in analysis and handling of security vulnerabilities as well as experience in implementing remedial measures.
• Good skills in oral and written communication to interact effectively with various stakeholders.
• At least 1 Year(s) of working experience in the related field is required for this position.
• Knowledge of Agile SSDLC (Secure Software Development Lifecycle)
• Having CEH, OSCP, CISSP or other IT related certificates is an advantage
• Required Skill(s): OSI LAYER, TCP/IP, OWAPS, CVE
• Candidate must possess at least Bachelor's Degree in Engineering (Computer/Telecommunication) or equivalent.
• Experience in information security or network security, related to penetration testing, security analysis, Vulnerability Assessment or security management.
• Knowledge of CICD Pipeline, Kubernetes and several programming languages such as PHP, Golang, Java, Python, Bash is a plus.
• Strong understanding of network security, network architecture, protocols and related technologies.
• Experience in identifying, analyzing and responding to security incidents.
• Ability to work collaboratively with IT and business teams to identify and address security issues.
• Deep knowledge about Operating System Security and such as Windows, Linux and UNIX and Database Security with suitable security configuration
• Understanding of cloud architecture, especially in the area of cloud security.
• Strong analytical skills to analyze security threats, identify vulnerabilities and design effective security solutions.
• An understanding of security frameworks such as ISO 27001 or NIST.

• Conduct penetration testing and security audits to identify vulnerabilities in IT infrastructure.
• Manage user and role access, and enforce strict security policies.
• Documenting and defining company data security policies.
• Resolve security incidents promptly and take appropriate remedial steps.
• Manage and maintain security systems, including software updates, security patches, and proper configuration.
• Make continuous improvements to the security infrastructure and implement necessary updates to security policies and practices.
• Design and implement appropriate security policies, including firewall settings, network security settings, and operating system security settings.
• Develop and implement a risk assessment plan to mitigate security risks.
• Conduct regular safety evaluations and periodic safety tests to ensure ongoing protection.
• Manage Infrastructure Security & Policy Implementation
• Monitor the latest security trends and technology developments to ensure effective protection against new threats.
• Evaluate systems and applications to identify security holes and provide recommendations for improvements.
• Conduct security training for staff and users to increase awareness about information security.
• Analyze the security needs of corporate systems and networks.
• Responding to and recovering from security attacks, including data recovery, system recovery, and fixing of exploited vulnerabilities.
• PCI DSS & IT Governance Implementation
• Ensuring the use of best practices in secure application development.
• Risk Management & Business Continuity Plan
• Investigate security incidents and perform forensic analysis to identify causes and effects.
• Actively monitor systems and networks to detect and respond to threats using security monitoring tools and instrusion detection systems.
• Fraud & Anomaly Transaction Monitoring