Senior Manager IT Security Engineer

Drive the Company's IT Security Engineering function as a SME for the Company and all Business Units (10 Business Units) in Asia Pacific.

Define and partner with stakeholders in a multi-disciplined team structure, designing and implementing cloud security solutions to provide coverage across a variety of projects

Lead stakeholders' and vendors engagements and providing subject matter expertise to Business Units and engagement teams

Develop deep working relationships with senior executives across engagement teams.

Responsible and execute large-scale project deliveries

Manage teams and mentor junior resources

Oversee infrastructure and microservices security architecture (inclusive of: container security architecture, data security architecture, network security architecture and operational security architecture).

Review the infrastructure and microservices design against different security regulatory, industry and internal standards such as PCI DSSand CSA Containers' security guidelines and identifying the necessary security architecture requirements for the same.

Review the infrastructure and microservices network and data architecture and identifying the necessary security architecture requirements for the same.

Ensure that final design addresses identified threats and countermeasures during threat modelling.

Build knowledge capital through research and development and leveraging industry insights to deliver best of breed expertise to stakeholders.

Lead the growth of cloud security practice across business units, project team and other stakeholders.

Drive IT Security Engineering Initiatives and Projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.

On Time on Budget delivery ofkey IT Security Engineering Program uplifts or deployments, aligned with Group IT Security roadmap.

Support the Head of IT Security Engineering in continuous uplift of the IT Security Engineering program.

Ensure IT Security Engineering Program across Business Units is carried out in alignment with the Company's business objectives and defined IT Security Plan timelines.

Group IT Security Engineering Security Framework implementation and controls are delivered in a cost-effective way using processes and resources (including people andtechnologies) aligned with the Company's business goals.

Group IT Security Engineering support and governance are provided for all Business Units.

IT Security Engineering Program awareness is conducted when necessary.

Doing things right, creating synergies for the overall the Company's goals and objectives, along with a people first approach.

Head of IT Security Engineering

Group CISO

Business Units IT SecurityTeams

Group and Business Units Chief of Technology and Operations

Group and Business Units IT & Operations

Group and Business UnitsInternal Audit

External Auditors

Vendors and/or Service Providers

Minimum 8 years working experience in IT Security Management role, preferably in Financial Services.

Regional experience in IT Security Technical or Engineering roles.

Degree from Information Technology or equivalent discipline.

Technical experience in Identify, Protect, Detect, Response or Recover areas.

Cloud security-related certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud SecurityProfessional (CCSP), or any cloud provider-specific security certifications.

A robust grasp of cloud security best practices, principles, and patterns. This should include knowledge of the Shared Responsibility Model and an understanding of how it impacts security posture.

In-depth knowledge of at least one major cloud service provider (e.g., AWS, Azure, GCP) with a comprehensive understanding of their service offerings, architecture, and security controls.

Experience with scripting and automation tools to streamline security operations.

Knowledge of vulnerability scanning tools and techniques, as well as experience with there mediation of identified vulnerabilities.

Knowledge of cloud networking constructs, security groups, network ACLs, and other network security methodologies.

Excellent interpersonal and influential skills to enable the implementation and enforcement of the IT Security Engineering program.

Good communication and presentation skills.

13th salary

Bonus paid in April next year if joining before Oct 2024

Paid leave up to 22 days per year (prorated for partially joining)

Work remote 1 day per week

Health insurance for employees and direct dependents

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666