Cybersecurity engineer (cloud)

Summary:

• The candidate is expected to support tasks within the Cloud Security and DevSecOps space such as provisioning computing resources, installing the software, network/firewall request, account provisioning, backend integrations (PING, Splunk, SOAR, MyAccess and Threat Intelligence Platform), creation of support documentation for operationalization.

Responsibilities:

• Identify and recommend improvement areas in existing enterprise security architecture to address evolving cybersecurity threats.
• Align and balance business requirements with cybersecurity, information and technology requirements, based on the organization’s risk appetite.
• Evaluate, perform proof-of-value/proof-of-concept, design, build and implement enterprise-class cybersecurity systems.
• Develop integrated security operating models and documentations to ensure operational efficiency, scalability, and sustainability.
• Act as a domain expert and trusted partner in CSR; work closely with stakeholders in Technology Group and other business groups on cybersecurity engineering related matters.

Skills Must have:

• At least 10 years of relevant experience preferably in financial services or asset management industries, with minimum 7 years in Cyber Security or Information Security.
• Professional qualification such as AWS and Azure security certifications.
• Hands-on experience in in Secure Software Development Life Cycle (SSDLC), in Java, Python, C#, .NET, Kotlin.
• Working knowledge of Waterfall, Agile, and DevOps development methodologies and deployment to public Cloud environments.
• Strong understanding of DevSecOps tools, design, automation and CI/CD tools, including IaC (Infrastructure as Code), GitLab/GitHub, Jenkins, application containers, as well as IAM (Identity and Access Management) in AWS and Azure.
• Knowledge of Cloud Native Services, including AWS Well Architected Framework, and experience in implementing and operationalizing Cloud Security solutions (in Azure and/or AWS), such as Sentinel, Security Hub, Guard Duty, and Cloud Trail.
• Familiarity with risk assessment and threat modelling techniques, static and dynamic code security analysis and testing, software composition analysis, and API security.
• Ability to produce detailed documentation, including design diagrams and process flows.
• Must be meticulous, versatile, and inquisitive, having strong attention to detail with an analytical mind and outstanding problem-solving skills.
• Desire to learn, working in a diverse environment, interacting with multiple teams and functions to support strategic goals.
• A good team player and excellent communicator.

Skills Good to have :

Professional qualification in information security, such as CISSP / CISM / CEH will be advantageous

Please refer to U3’s Privacy Notice for Job Applicants/Seekers at https://u3infotech.com/privacy-notice-job-applicants/. When you apply, you voluntarily consent to the collection, use and disclosure of your personal data for recruitment/employment and related purposes.