Job Description

One of the global banks is expanding its presence in APAC.
As a part of expansion, client is looking to hire Regional Information Security Engineer, who will play a key role in expansion.

Responsibilities

• The Regional Information Security Engineer, Asia & Oceania is responsible for designing, deploying, and maintaining security solutions in the Asia & Oceania region to address the Bank\'s security requirements. Reporting to the Regional Head, Chief Information Security Officer, Asia & Oceania, this is a vital role for the Bank to protect the organization.
• Assist the Regional Head, Chief Information Security Officer, Asia & Oceania to drive the Bank\'s security transformation agenda including implementation of security strategy and technology solutions for the region.
• Ensure that the Bank\'s data and infrastructure are protected by enabling appropriate security controls
• Design security architecture and develop a cybersecurity deployment plan such as Endpoint Detection and Response (EDR) implementation.
• Develop technical solutions to automate repeatable tasksfor better efficiency and further product innovation
• Configure and troubleshoot security systems
• Maintain all security solution design documents, processes, and procedures and report on metrics to demonstrate effective management of the solutions.
• Work with the peers under the Chief Information Officer, Asia & Oceania to handle service requests related to security tools (e.g., proxy whitelisting and DLP email rule changes).
• Review the Bank\'s systems to ensure that they have met the mandatory security requirements.
• Work with third party vendors to maintain and enhance capability and functionality of security products
• Lead the responses to cybersecurity incidents.
• Continuously assess cyberattack surface and exposure to protect the Bank\'s sensitive information.
• Provide comprehensive security risk profile including issues and propositions for further system security enhancement.
• Keep up to date with evolving attack tactics, techniques and procedures and apply continuous improvement to security tools and processes

Skills

Must have

• Minimum of 15 years\' experience in security related work including proven work experience as an Information Security Engineer.
• Strong knowledge in security solutions at various levels - application, infrastructure, network and data.
• Experience in building, maintaining and operating security tools including Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR) tools.
• Hands on experience in various security systems such as firewalls, intrusion detection / prevention systems, anti-virus

software, authentication systems, log management, content filtering, and web proxies.

• Good understanding of various security frameworks such as MITRE ATT&CK (Tactics, Techniques, and Procedures), OWASP, and NIST Cybersecurity Framework
• Professional certifications such as CISSP, CISA, and CISM
• Effective communication skills with senior management including presentations and report writing skills.
• Analytical mindset and problem-solving abilities
• Good understanding of cloud environment and up to date industry trend.

Nice to have

• Familiarity in scripting or automation is an advantage
• Experience in financial services or regulated environments is preferred

Languages

English: C2 Proficient

Seniority

Senior

Relocation package

If needed, we can help you with relocation process. .

Vacancy Specialization

Engineering Program Management

Ref Number

VR-98590

Luxoft