Sr Principal Cyber Security Engineer page is loaded
Sr Principal Cyber Security EngineerApply locations Penang, MY time type Full time posted on Posted 2 Days Ago job requisition id
Responsibilities:
Perform Security reviews, provide risk-based security subject matter expertise to our product and engineering teams.
Identify and define system security requirements.
Partner with engineering teams on internal and customer-facing security initiatives, ensuring that security data confidentiality, integrity, and availability are considered.
Analyze our security posture, identify gaps/potential vulnerabilities, and work closely with other teams to ensure strong operational security by conducting security assessments.
Review third party tools used by the company to ensure that these tools are compliant with our security practices for the data they will host and process.
Create comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
Participate in incident response team in the event of security incident, including investigation, mitigation, and post-incident analysis, as well as develop and maintain an incident response plan.
Maintain awareness of industry best practices for data maintenance handling as it relates to your role.
Adhere to policies, guidelines and procedures pertaining to the protection of information assets.
Qualifications:
4+ years of working experience in Cyber Security.
Professional Security Certification preferred (e.g., CISM / CISSP / GIAC).
Bachelor's degree in computer science or a relevant field.
Experience with network security and networking technologies and with system, security, and security monitoring tools.
Knowledgeable in compliance programs and frameworks (e.g.: SOX, SOC2, NIST, ISO).
Extensive knowledge of current security best practices and related trade-offs.
Highly organized and detail-oriented; can handle multiple projects and dynamic priorities.
Ability to communicate in a written and oral format to technical and non-technical audiences in a business-friendly manner.
Skills:
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.#J-18808-Ljbffr