Senior CyberSecurity Engineer

Since our founding, IDEMIA has been on a mission to unlock the world and make it safer through our cutting-edge identity technologies. Our technology leadership makes us the partner of choice for hundreds of governments and thousands of enterprises in over 180 countries, including some of the biggest and most influential brands in the world. In applying our unique expertise in biometrics and cryptography, we enable our clients to unlock simpler and safer ways to pay, connect, access, identify, travel and protect public places – at scale and in total security.

Our teams work from 5 continents and speak 100+ different languages. We strongly believe that our diversity is a key driver of innovation and performance.

Purpose

This Senior CyberSecurity Engineer role is required to have technical expertise across multiple cybersecurity verticals and technologies to perform security risk assessments, security operations, security architecture reviews so as to meet cybersecurity and risk requirements for our proposed solutions.

Key Missions

• Work with partners in the conduct and review of comprehensive security assessments and penetration tests for customer's ICT systems operating in on-premises and managed hosting environments.
• Identify security and compliance gaps, perform threat risk assessments in current setup and propose mitigating measures.
• Standardize and refine security incident response and escalation processes.
• Develops and recommends appropriate mitigation countermeasures in operational and non-operational situations
• Collating data points from various stakeholder for security scorecard reporting and providing actionable insights
• Work with IT Infrastructure team to evaluate, implement and enhance the network perimeter security, endpoint security and hardening, SIEM, patch management, MFA, and Privileged Identity/Access Management (PIM/PAM).
• Work with Software team in the conduct of SAST, DAST, Source Code Review, Software Composition Analysis, Secure Configuration Review, etc.
• Monitor information security alerts triage, mitigate, and escalate issues as needed on a timely basis
• Provide security advisory to stakeholders on regular basis.
• IT Security Management of various aspects, e.g. network security, server security, application security, end point security, email security, physical access security, logical access security, etc.
• Keep abreast of IT/OT security advancements and introduce appropriate security enhancements to customer's system implementations.
• Required to travel to customer's sites on ad-hoc basis for cybersecurity-related reviews and implementations

Profile & Other Information

• Degree or Diploma in engineering, science or information technology, or equivalent education. Preferably 5 years of related work experience in cybersecurity analyst/engineer.
• At least 3 years of proven experience, specializing in the conduct of security assessments with expertise in tools, methodologies (e.g., OWASP, NIST, MITRE ATT&CK), and industry frameworks.
• Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), conduct of security assessment with CREST-certified third-parties (vulnerability assessment, penetration testing, static application analysis, source code review, secure configuration review), application security, security technologies, security incident response.
• Attain basic understanding in industry security standards such as NIST, ISO/IEC 27001/2, CIS Controls, PDPA. Knowledge of IM8 will be advantageous.
• Proficient in at least 3 of the following IT security tools:
  • Next Generation Firewall (e.g., FortiGate, Palo Alto, Cisco FirePower)
  • Tenable Security Center
  • Endpoint Protection (e.g., Trellix, SCCM, Ivanti)
  • Data Loss Prevention
  • SIEM (e.g. Splunk, Elastic, etc)
  • Python
  • Ansible

By choosing to work at IDEMIA, you will join a unique tech company, offering a wide range of growth opportunities. You will contribute to a safer world, collaborating with an international and global community. We value the diversity of our teams and welcome people from all walks of life, regardless of how they look, where they come from, who they love, or what they think.

We deliver cutting edge, future proof innovation that reach the highest technological standards and we’re transforming, fast, to stay a leader in a world that’s changing fast, too.

At IDEMIA, people can develop their expertise and feel a sense of ownership and empowerment, in a global environment, as part of a company with the ambition and the ability to change the world.

Visit our website to know more about the leader in Identity Technologies

www.idemia.com