Cybersecurity Defensive Engineer (Ascend Money)

FINTECH
location_on Bangkok

Job Description

  • Executes cybersecurity engineer tasks including, but not limited to, security patch management, security vulnerability management, and security configuration management.
  • Tests, implements, deploys, maintains, reviews, and administers the cybersecurity tools.
  • Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
  • Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.
  • Identify potential conflicts with the implementation of any cyber defense tools (e.g., tool and signature testing and optimization).
  •  Operates and maintains production information security systems.
  • Ensures proper cybersecurity documentation is in place regarding standard operating procedures.
  • Monitors the industry and external environment for emerging threats and advises relevant stakeholders on appropriate courses of action.
  • Oversees incident response planning and the investigation of security breaches and assists with any associated disciplinary, public relations, and legal matters.
  • Applies expert knowledge and skills to resolve problems, including support concepts and methods, problem isolation and troubleshooting procedures, system and file recovery processes, and operating system and network configurations.
  • Prepares and presents cogent and cohesive analyses and briefings advising management on new technological developments, techniques, and enhancements that result in increased time and cost efficiencies.
  • Provides advice and assistance to troubleshoot the most complex problems in a manner that minimizes interruptions in the ability to carry out critical business activities.
  • Supports rapid response teams in response to customer service problems resulting from catastrophic events such as virus infections or widespread power outages.
  • Supports the development of a formal cyber security risk assessment program.
  • Supports and assists in maintaining a vulnerability/gap/response assessment program.
  • Supports the ongoing maintenance of the cyber–Kill Chain for the company, focusing on phases of cyber-attack and remediation/mitigation for each phase.
  • Supports ongoing activities to develop, communicate, and support appropriate standards and risk controls associated with digital data.
  • Supports the development and maintenance of a company Data Protection program.
  • Responds to cybersecurity alerts
  • Cascade and leverage cybersecurity control and practice to the entire company group.

Qualifications

  • Bachelor’s or Master’s degree in Computer Engineering, MIS, IT, or a related field.
  • At least 2 years experience in computer security and 5 years in IT infrastructure.
  • Have a foundation in good information security practices.
  • Knowledge of International Security frameworks, Standards, and Guidelines, e.g., COBIT, NIST-800, ISO 27001, PCI-DSS, OWASP, etc.
  • Experience in Security tools, e.g., EDR, ATP, WAF, IPS/IDS, Deception, TI/TIP, Anti DDoS
  • Experience in Cloud Environments, e.g., Google Cloud, AWS, Microsoft Azure.
  • Experience with system and application security management and control.
  • Experience with system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
  • Experience with facilitating information security risk assessments.
  • Technical writing, documentation development, process mapping, and visual communication skills.
  • Hands-on experience with computer programming languages and/or scripting languages such as Python, Java, and Shell for automation.
  • Professional certificates related to work (e.g., CISSP, CISM, AWS Certified Security, or similar general security certification) are desirable
  • Talent to identify and create a broad vision for a security solution and to execute it;
  • Systems Thinking – the ability to see how parts interact with the whole (big picture thinking)
  • Proven experience of acting as an expert in project teams.
  • A positive, can-do attitude who naturally expresses a high degree of empathy to others.
  • Ability to explain your thoughts or findings also to non-technical professionals
  • Strong problem-solving and analytical abilities Able to work under minimal supervision, detail oriented
  • Excellent English (Spoken and Written).

Location: True Digital Park, Punnawithi