Security Engineering Supervisor

Job Summary:

The Security Engineering Supervisor will lead a team of APAC based security engineers responsible for the protection of our cloud-based and on-premises infrastructure. This role requires expertise in cloud security (primarily Azure) along with a strong grasp of network security, identity and access management, vulnerability management, and incident response. The Supervisor will drive the implementation of security best practices, manage security projects, conduct risk assessments, and ensure adherence to compliance requirements. This position also entails mentoring team members, fostering an environment of continuous improvement, and collaborating cross-functionally with other departments to ensure alignment with security objectives.

Principal Responsibilities:

• Team Leadership & Development: Supervise, mentor, and develop a team of security engineers, providing technical guidance and career support.
• Cloud Security Management: Design and implement security protocols in Azure environments, focusing on network security, data protection, and compliance.
• Vulnerability Management: Lead the identification, assessment, and remediation of security vulnerabilities across cloud and on-premises environments, ensuring timely patching and configuration adjustments.
• Incident Response: Oversee incident response efforts by coordinating team members and cross-department resources. Ensure quick and efficient resolution of security incidents.
• Compliance and Risk Management: Develop and enforce security policies and standards to meet regulatory compliance requirements (such as PCI-DSS and GDPR). Conduct regular risk assessments and audits of security practices.
• Automation & Optimization: Promote the use of automation for repetitive security tasks and vulnerability scanning, leveraging tools and scripting (e.g., Python) to streamline processes.
• Stakeholder Collaboration: Partner with IT, product, and engineering teams to integrate security into system architecture and software development lifecycle (SDLC). Communicate security risks and strategies to executive leadership.
• Metrics and Reporting: Develop and track key performance indicators (KPIs) and security metrics to gauge the effectiveness of security controls. Prepare and present reports to senior management and stakeholders.
• Other Duties as Assigned

Distinguishing Characteristics:

• Strong Leadership & Communication Skills: Demonstrated ability to lead and inspire a team of engineers, along with excellent interpersonal and communication skills to engage with both technical and non-technical stakeholders.
• Technical Depth in Cloud Security: Proven expertise in Azure security services, including configuring and managing IAM, security groups, VPCs, logging and monitoring, and CSPM reports.
• Adaptable Problem-Solver: Proactive in addressing security challenges and skilled in devising efficient solutions for complex security issues in a fast-paced environment.
• Continuous Learning Mindset: Enthusiastic about staying updated with the latest in cloud security, threat intelligence, and best practices, and instilling this culture of learning within the team.

• Risk-Oriented Decision Making: Ability to assess risks and make informed decisions that balance security needs with operational impacts, aligning with overall business goals.
• Industry certifications such as CISSP, CASP, or GIAC are a plus.
• Relevant vendor specific certifications are a plus.

Work Experience:

• Typically, 7+ years with bachelor's or equivalent.

Education and Certification(s):

• Bachelor's degree or equivalent experience from which comparable knowledge and job skills can be obtained.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.