IT Security Engineer (Rizal/ Naga)

Overview

IT Security Engineer

Summary:

                Assist the IT Security Manager/Leaders for the overall strategy, implementation, engineering and management of the organization's IT security controls, initiatives and program. This role involves protecting the organization's data, application, systems, server and network infrastructure from internal and external threats. This is a crucial role with more collaboration with the various teams and front line of defense against ever-evolving cyber threats to ensure the confidentiality, integrity, and availability of the organization’s assets.

Responsibilities

Job roles and responsibilities

• Security Tool Administration: Administer and maintain assigned security technologies such as endpoint, identity, email / collab restriction, data protection and application security controls in a hybrid environment.
• Threat Management: Support in collecting and analyze threat intelligence from various sources (e.g., open-source intelligence, commercial feeds, industry reports) to identify emerging threats and vulnerabilities. Correlate threat data with the organization's environment for remediation.
• Vulnerability Management: Administer and managed vulnerability scanning, coordination and penetration testing activities and tracking. Analyze results, prioritize vulnerabilities, and work with IT teams to remediate identified issues.
• Patch Management: Regular reviews, coordination and oversight of patch management activities across the IT ecosystem.
• Secure Configuration Management: Managed and delivery compliance as aligned with policy, ISM, CIS and best practices.
• Incident Response: Participate in incident response activities, including containment, eradication, and recovery. Assist in creation of incident response plan to effectively handle security incidents and breaches.
• Documentation and process: Assist for the creation and rebuild/improve IS and IT Security process.
• Support GRC/Information Security Team: Assist to ensure compliance and audit, conducting risk assessments, developing IT Security documented procedures

Qualifications

Qualifications

• Bachelor’s degree in Computer engineer, Information system or any related IT courses.
• At least 1 year of experience designing, managing, and supporting different IT security solutions, incident response and risk management.
• At least 1 year of experience with secure configuration, vulnerability assessment tools and remediation solution.
• At least 1 year of experience with network and protection systems, network, application and system security, segmentation and management.
• At least 1 year of experience in security configuration and maintenance related to Cloud Based Infrastructure like Azure AD Security, Office 365 Security, Security.
• Good understanding of Industry standards and regulations such as ISO, SOC2, PCI DSS, NIST.
• Good understanding with different Servers, Linux, iOS/Android and network devices.
• Strong organizational skills to manage multiple projects and priorities simultaneously
• Can communicate effectively with management, peers, and customers across disciplines and geographies to clearly articulate issues, impacts and advise on preferred solution(s).
• Able to work independently and collaboratively within a diverse team environment.
• Knowledge in ITIL framework.
• Analytical and Problem-Solving Skills: Ability to analyze complex security issues, identify root causes, and develop effective solutions.  
• Communication Skills: Good written and verbal communication skills, with the ability to explain technical concepts to both technical and non-technical audiences