JOB DESCRIPTION
PURPOSE
Drive the Company's IT Security Engineering function as a SME for the Company and all Business Units (10 Business Units) in Asia Pacific.
Define and partner with stakeholders in a multi-disciplined team structure, designing and implementing cloud security solutions to provide coverage across a variety of projects
Lead stakeholders' and vendors engagements and providing subject matter expertise to Business Units and engagement teams
Develop deep working relationships with senior executives across engagement teams.
Responsible and execute large-scale project deliveries
Manage teams and mentor junior resources
Oversee infrastructure and microservices security architecture (inclusive of: container security architecture, data security architecture, network security architecture and operational security architecture).
Review the infrastructure and microservices design against different security regulatory, industry and internal standards such as PCI DSSand CSA Containers' security guidelines and identifying the necessary security architecture requirements for the same.
Review the infrastructure and microservices network and data architecture and identifying the necessary security architecture requirements for the same.
Ensure that final design addresses identified threats and countermeasures during threat modelling.
Build knowledge capital through research and development and leveraging industry insights to deliver best of breed expertise to stakeholders.
Lead the growth of cloud security practice across business units, project team and other stakeholders.
Drive IT Security Engineering Initiatives and Projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.
KEY ACCOUNTABILITIES
Support the Head of IT Security Engineering in define and maintainthe IT Security Engineering framework for the Company.
Drive awareness and support to Group IT Security, Group IT and Business Units IT, to understand the IT Security Solutions and Processes, as well as their implications across the organization.
Drive IT Security Engineering Initiatives and Projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.
Partner with the Head of IT Security Engineering and Group CISO, through tracking and reporting function, to ensure regular updates to management on the IT Security Engineering Program and risks.
KEY PERFORMANCE INDICATORS
On Time on Budget delivery ofkey IT Security Engineering Program uplifts or deployments, aligned with Group IT Security roadmap.
Support the Head of IT Security Engineering in continuous uplift of the IT Security Engineering program.
Ensure IT Security Engineering Program across Business Units is carried out in alignment with the Company's business objectives and defined IT Security Plan timelines.
Group IT Security Engineering Security Framework implementation and controls are delivered in a cost-effective way using processes and resources (including people andtechnologies) aligned with the Company's business goals.
Group IT Security Engineering support and governance are provided for all Business Units.
IT Security Engineering Program awareness is conducted when necessary.
Doing things right, creating synergies for the overall the Company's goals and objectives, along with a people first approach.
EXTERNAL & INTERNALCONTACTS
Head of IT Security Engineering
Group CISO
Business Units IT SecurityTeams
Group and Business Units Chief of Technology and Operations
Group and Business Units IT & Operations
Group and Business UnitsInternal Audit
External Auditors
Vendors and/or Service Providers
JOB REQUIREMENT
QUALIFICATIONS / EXPERIENCE
Minimum 8 years working experience in IT Security Management role, preferably in Financial Services.
Regional experience in IT Security Technical or Engineering roles.
Degree from Information Technology or equivalent discipline.
Technical experience in Identify, Protect, Detect, Response or Recover areas.
KNOWLEDGE & TECHNICALSKILLS
Cloud security-related certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud SecurityProfessional (CCSP), or any cloud provider-specific security certifications.
A robust grasp of cloud security best practices, principles, and patterns. This should include knowledge of the Shared Responsibility Model and an understanding of how it impacts security posture.
In-depth knowledge of at least one major cloud service provider (e.g., AWS, Azure, GCP) with a comprehensive understanding of their service offerings, architecture, and security controls.
Experience with scripting and automation tools to streamline security operations.
Knowledge of vulnerability scanning tools and techniques, as well as experience with there mediation of identified vulnerabilities.
Knowledge of cloud networking constructs, security groups, network ACLs, and other network security methodologies.
Excellent interpersonal and influential skills to enable the implementation and enforcement of the IT Security Engineering program.
Good communication and presentation skills.
WHAT'S ON OFFER
13th salary
Bonus paid in April next year if joining before Oct 2024
Paid leave up to 22 days per year (prorated for partially joining)
Work remote 1 day per week
Health insurance for employees and direct dependents
CONTACT
We are
PEGASI – IT Recruitment Consultancy in Vietnam. If you are looking for new opportunity for your career path, kindly visit our website
www.pegasi.com.vn for your reference. Thank you!