Engineer, Security Operations (Contract role)

Jerudong, Brunei

EVYD Technology

At EVYD Technology, we transform healthcare data into actionable insights using AI and data science. Experience accessible, research-backed medical intelligence for improved outcomes and preventive care.

What will your role look like? 

As a Security Engineer, you will focus on protecting AI-driven systems and sensitive healthcare data. This hands-on role emphasizes AI threat modeling, DLP enforcement (endpoint & Microsoft Purview), MIB compliance, incident response, and audit readiness. You will be responsible for daily security monitoring, testing AI systems against adversarial threats and preparing for both internal and external audits related to data protection and AI security.

This role reports to the Security Director and is based in Brunei Darussalam.

Key responsibilities:

Security Operations & Incident Response:

  • Monitor daily security logs from endpoints, DLP systems, firewalls, WAFs, and SIEM platforms.
  • Investigate and respond to security alerts, perform triage, and conduct root cause analysis.
  • Coordinate and support internal red team / blue team testing across AI and data platforms.
  • Maintain security tooling such as Fail2Ban, WAF, EDR, and local intrusion prevention systems.
  • Conduct regular vulnerability scans and track patch remediation for internal systems.

AI Security & Threat Modeling:

  • Perform threat modeling for AI/LLM systems, covering prompt injection, adversarial misuse, data leakage, and API abuse.
  • Design and test security controls for internal and public-facing AI interfaces.
  • Lead or support AI red team testing to assess model robustness and abuse resistance.
  • Monitor for abnormal usage patterns and implement safeguards against prompt abuse and system manipulation.
  • Collaborate with development teams to embed AI security throughout the development lifecycle.

Data Loss Prevention (DLP):

  • Define, implement, and maintain endpoint DLP policies (USB, print, clipboard, network restrictions).
  • Manage and optimize Microsoft Purview DLP policies for Exchange, Teams, SharePoint, & OneDrive.
  • Review DLP alerts daily, investigate incidents, and escalate data violations to relevant stakeholders.
  • Perform regular policy tuning and generate reports on DLP effectiveness and violations.

Compliance, Auditing & Documentation:

  • Support internal and external audits related to DLP and AI security.
  • Ensure appropriate technical controls and evidence are in place for MIB compliance and healthcare data regulations.
  • Maintain up-to-date documentation of security controls, AI testing procedures, and data protection workflows.
  • Assist in preparing weekly/monthly security reports, including summaries of DLP alerts, AI risks, red team findings, and audit status.
  • Coordinate with compliance, legal, and CSB partners on audit requests, documentation, and remediation activities.

Qualifications & Requirements:

  • 2+ years of experience in security engineering, data protection, or AI system security.
  • Strong experience with endpoint DLP solutions and Microsoft Purview DLP management.
  • Familiar with AI/LLM security risks, including prompt injection, adversarial misuse, and red team testing.
  • Hands-on experience with security incident response and policy enforcement.
  • Understanding of MIB compliance, healthcare data protection, and related audit processes.
  • Proficient in Python, PowerShell, or Bash for automation, log parsing, or report generation.
  • Strong documentation and communication skills; Mandarin speaking is a plus.

Travel Requirements:

Minimal to no travel is required for this role.

What skills do you need? 

Human skills 

  • Clear and confident communication when working with technical and non-technical teams.
  • Strong sense of ownership - able to work independently and take initiative in solving problems.
  • Analytical mindset with attention to detail when reviewing security logs or responding to incidents.
  • High integrity and professionalism when dealing with sensitive healthcare data and security matters.
  • Well-organized with good time management when handling multiple alerts, reports, or tasks.
  • Comfortable collaborating with legal, compliance, or external partners on audits and documentation.

Base technical skills

  • Familiar with endpoint and cloud security concepts - including DLP, firewalls, and SIEM tools.
  • Basic experience with scripting languages (e.g., Python, PowerShell, Bash) for automation or log analysis.
  • Understanding of AI system risks such as prompt injection, adversarial attacks, or data leakage is a plus.
  • Experience with tools like Microsoft Purview or cloud platforms like AWS (basic security services).
  • Able to support vulnerability scanning, patch tracking, and basic incident response workflows.
  • Experience working in the healthcare or health tech sector is a bonus.

Tags: APIs Audits Automation AWS Bash Blue team Cloud Compliance EDR Firewalls Incident response Intrusion prevention LLMs Log analysis Monitoring PowerShell Python Red team Scripting SharePoint SIEM Vulnerability scans

Region: Asia/Pacific
Country: Brunei
