Lead Security Engineer

• Key Responsibilities:Security Incident Response:
• Provide timely and effective security incident response within a 24x7 SOC environment.
• Lead operation teams to effectively maintain the lifecycle of both on-premises and cloud-based security solutions.
• Manage response to security and operational incidents, and on-going security requests.
• Coordinate and manage security incidents to ensure swift identification, containment, and remediation.
• Develop and maintain incident response playbooks and procedures.
• Participate and contribute to industry cyber forums, both formal and informal.
• Support all audits and reviews requests.
• Monitor developments in the information security industry and communicate on the potential impact or applicability to the organization
• Vulnerability Management:
• Support global vulnerability management processes including operating system (OS) and infrastructure patching, hardening, and testing efforts.
• Conduct regular vulnerability assessments (VAPT) and prioritize remediation activities.
• Collaborate with IT teams to implement and validate security patches and updates.
• Security Tools Operation:
• Manage the Total Cost of Ownership (TCO) for security solutions which includes new investments and business-as-usual financials.
• Operate and manage various security tools including Host Intrusion Detection Systems (HIDS), Network Intrusion Detection Systems (NIDS), Intrusion Prevention Systems (IPS), analysers, scanners, and more.
• Continuously monitor and analyse security tools to identify active threats, attacks, vulnerabilities, and exposures.
• Prioritize identified threats and vulnerabilities for remediation activities within the team.
• Threat and Vulnerability Identification:
• Assist in the identification and evaluation of security threats and vulnerabilities.
• Conduct in-depth analysis of security events to determine the root cause and potential impact.
• Provide recommendations for mitigation and remediation solutions to address identified security issues.

QUALIFICATION AND EXPERIENCE

QUALIFICATION & EXPERIENCE

• Proven track record for managing technical resources to deliver technology lifecycle
• Have relevant information security experience working with or for a global exchange or a global financial firm. Other IT operational experience will also be considered.
• Solid knowledge and experience in cloud technologies, and familiar with cloud security architecture, design and operations.
• Relevant experience with SecDevOps principles, Security Automation and Orchestration.
• Must have relevant experience with industry best-practice approaches to the design, implementation, operation and management of IT systems (e.g. Agile, Waterfall, ITIL, COBIT)
• Must have relevant experience with information security (e.g. CISSP, CCSP).
• Must have strong information security technology knowledge/concept and can effectively communicate with senior management and a broad range of technical/non-technical audiences. Strong written communication skills, experienced with writing board-level papers and verbal presentations to senior management.
• Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience.

COMPETENCY AND BEHAVIORAL SKILLS (Use "E" to denote Essential and "D" for Desirable)

E- Bachelor's degree in computer science, information systems, cyber security or a related field.

E- At least 10 years of relevant experience in cyber security

E- Knowledge of information technology operation (e.g. cloud, data, system, application and infrastructure, etc.)

E- Knowledge of cyber security assessment (e.g. security audit, vulnerability assessment, penetration testing, etc.)

E- Knowledge of cyber security product (e.g. End-Point Solution (EDR), WAF, DLP, SIEM, SOAR)

E- Knowledge of market best practice and framework (e.g. ITIL, ISO, PCI-DSS, NIST, etc.)

E- Certification in cyber security is an advantage (e.g. CISSP, CISM, CISA, ISO Lead Auditor, CEH, etc.)

D- Certification in project management and framework is an advantage (e.g. PMP, CPM, CSM, PRINCE2, CompTIA Project+, etc.)