What you’ll Do:
- Consult in the development and design of security best practices and implementation of solid security principle across the organization to meet business goal and compliance requirement.
- Create the security baseline and guideline for cloud based infrastructure and micro service application based on security policy & standard
- Maintain cloud and application security posture against relevant threats, mitigating information security risk to acceptable level.
- Audit existing environment design and analyze gaps against security practices and standards
- Review security policies, procedures, standards and guideline and also provide training to relevant team.
- Participate in security incident response team to mitigate any security issue
What you’ll Need:
- Deep understanding and knowledge of information security concept.
- Knowledge in Security Framework and Concepts, Compliance, Risk and Regulations, PDPA, PCI DSS, COBIT and ITIL
- Understanding of Windows, Linux and cloud security control including AWS and GCP
- Understanding of SOA, Micro service design application.
- Good analytical, technical, written and verbal communication skills.
It’d be Great if you have:
- Earned any of security, audit, and compliance-related certification e.g., Associate of (ISC)², CISSP, CISA, CRISC, CISM, CompTIA Security+, ISO/IEC 27001
- Experience with security, audit and compliance contexts e.g., PCI, SOC2, SOX, and ISO standards
- Understanding of modern IT infrastructure; cloud environments (AWS preferred) and Linux containers and orchestration systems (Kubernetes)