Senior Security Engineer (CF-34080389)

Our client is looking for a security engineer who will work in Security Unit, Global Infrastructure Organization to implement and maintain information security globally and protecting them from cyber threats. Roles in Security Unit varies from cloud security to application security, API security, security operation and so on, and you will be taking one or more roles based on your expertise and our client's needs. You will need to understand and solve business problems while managing associated risks and compliance requirements.

This position will report to Global Security Unit Leader, and you will need to work with support from and in alignment with other infrastructure units and other business units.

You will be involved on information security matters globally, and will be responsible for the following areas:

• Identifying, analyzing, and resolving security vulnerabilities in on-premise and cloud environment
• Work with technical and business units across the organization globally and regionally, as a security reference point, offering advice, support, and guidance on all a wide range of security issues
• Analysis of the current security situation in your respective region, followed by a strategic planning and the implementation of security concepts, in line with the corporate security strategy
• Lead the development and implementation of effective and reasonable security rules and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation
• Ensure information, application and service security by developing, testing, communicating and maintaining security services, including penetration testing, vulnerability scanning and mitigation, forensics, event and incident response plans, and other related security services
• Other information security related works requested by the company
• Develop education and awareness programs and advise business and IT units at all levels on security issues, best practices, and vulnerabilities as necessary.
• Performance of security audits according to local regulation and being the point of contact for security related inquiries from the business units
• Propose, implement, and support security systems and technology solutions in line with global security direction and best practices in cloud security
• Provide technical guidance to the infrastructure and system development teams to enforce security controls and advise any associated business risks taking into account any relevant corporate, business and local requirements (legal and regulatory)
• Design, propose, implement, and support the delivery of information security solutions

• Exposure in maintaining operational computer and network security, firewall administration, virus protection, intrusion detection and prevention, identity and access management, application security, automated security patching, and vulnerability scanning systems
• Ability to cooperatively and effectively work with stakeholder from all organizational levels and build consensus through negotiation and discussion
• Experience administering information security programs including risk assessments and forensic research, designing security architectures, developing policies, gathering metrics, and reporting status as well as knowledge of information systems technology, products, services
• Experience in project management and strive for pragmatic, solution-oriented approaches
• Comfortable working in a fast paced, dynamic and global environment
• Nice to have ISSP, CISM or equivalent certification