Security Engineer

Job Overview:

We are seeking a skilled and detail-oriented Security Engineer to join our team in Malaysia. Operating within a BNM-regulated environment and adhering to PCI-DSS standards, you will play a crucial role in maintaining the security posture of our systems. This position involves working across multiple environments, including PROD, DR, DEV, SIT, and UAT, distributed across two data centers. As a Security Engineer, your responsibilities will encompass executing day-to-day operations, managing tasks through a ticketing environment, and ensuring compliance with regulatory requirements.

Responsibilities:

1. Security Operations:

• Implement and monitor robust security measures to safeguard the organization's systems and data.
• Conduct regular security assessments and audits to identify vulnerabilities, ensuring compliance with BNM regulations and PCI-DSS standards.
• Develop and execute incident response plans and analyse/respond promptly to security incidents.

2. BAU Operations:

• Execute daily security tasks related to the operations of the environment.
• Utilize ticketing systems for efficient management and prioritization of securityrelated tasks.
• Identify and address vulnerabilities using scanning tools and methodologies.

3. Change Management:

• Actively contribute to planning and implementing security-related changes in the environment.
• Document all security-related change requests, ensuring compliance with regulatory requirements.

4. Audit Compliance and Recommendations:

• Ensure adherence to security audit requirements stipulated by BNM and promptly address any recommendations.
• Collaborate with internal and external audit teams to facilitate security audits and assessments.
• Apply knowledge of security architecture principles to design and implement secure systems.

5. Project Involvement:

• Play a key role in security-related projects, providing expertise to ensure security requirements are met.
• Collaborate closely with project teams, integrating security best practices into project deliverables.

6. Documentation and Reporting:

• Maintain comprehensive documentation for security configurations, processes, and procedures.
• Regularly update task progress, providing clear and concisecommunication to relevant stakeholders.

Qualifications:

1. Advanced Certifications:

• Possession of advanced security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH).

2. Industry Experience:

• Proven experience in the specific industry or vertical, demonstrating a deep understanding of sector-specific security challenges.

3. Year of relevant working experience min 5 years to 10 years.