We are looking for a Principal Engineer in Cybersecurity who is passionate and always in the forefront of the latest technologies to provide security-by-design leadership and help transform our clients Cybersecurity systems and processes.
Degree in Cybersecurity, Computer Science, Information Systems, Engineering;
At least 10 years of work experience in Information System development lifecycle or cybersecurity area;
Demonstrated working knowledge of technology processes, security policies, standards, controls, and risk measurements;
Has experience in one or more of the following areas: Network & Infrastructure security, Application & Database security, IoT & Platform Security, Mobile device security, Cloud security, Pen-testing & Vulnerability Analysis, Threat Intel and Hunting, Malware Forensics and Incident Response;
Ability to work with cross-functional, multi-disciplined team to formulate, institute and monitor security policies and procedures;
Excellent communication skills and emotional intelligence to influence key decisions, mediate conflicts and build consensus;
Preempt any risks and mitigate any threats or problematic areas proactively;
Strong personality and yet personable to build and enrich relationships within the organization;
Excellent communication, presentation, planning and organization skill.
CISSP or CISA Certified.
Responsible to design and architect cybersecurity solution for the internal and external system throughout the organization;
Be the SME and provide guidance to various project teams and ensure all projects are compliant to the security practices and standards;
Provide security governance, enforcing cyber security risk assessment, risk acceptance and proper risk management;
Involved in cyber security compliance and controls, self-assessment processes and documentation related tasks;
Help the operations and technical team to understand the security risk and recommended risk mitigation plans;
Work closely with the various cross-functional teams to establish, formulate, institute and monitor the security policies, standards and procedures in line with the organization's cyber security directions;
Help to strengthen, troubleshoot, and defend the internal system and infrastructure;
Provide advisory and technical consultancy on the appropriate cyber security solutions and technologies to be deployed;
Engage with external vendors to explore other innovative information security products and technologies.