Agensi Pekerjaan Two95 International SDN. BHD. Hiring! Full Time Cybersecurity Engineer in Selangor, Earn up to MYR 15,000 - Ricebowl

ROLE: Cybersecurity Engineer

LOCATION: TCS Office *Level 2, Wisma LYL, 12, Jalan 51a/223, Seksyen 51a, 46100 Petaling Jaya, Selangor*

POSITIONS: 1

JOB DESCRIPTION:

We are looking for Cybersecurity Engineer with 6 to 10 years of experience.

Job Summary:

Cyber Security Operation (CSO) is a critical function within Standard Chartered Bank operating under the overall purview of Enterprise Technology (ET). ET is accountable for enterprise-wide infrastructure, data centres, Cloud, network, end-user services (EUS) and security (STS).The CS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products to maintain and continuously improve Bank’s cyber security posture in today’s ever evolving cyber security landscape.

RESPONSIBILITIES

Business*

• The CS team protect the Bank from cyber security threats by delivering effective information security technology services, managing, and responding to security incidents to ensure, and support the continuity and growth of Bank’s business operations; and meet the both internal and external stakeholders’ expectations across 70+ countries and territories.
• CS Operations function is a transversal service with a primary objective of managing operational activities for all STS owned products and services.
• This technical SME role is responsible for operational activities (service requests, change requests etc.) of Authentication and PIM function (listed later in the document). This role supports 24x7 BAU operational activities for existing services/technologies and automating routine with a key focus on end-user experience and self-service.

Processes*

• This role is accountable for ensuring the CS services are adherent to all relevant Group standards, processes, and policies. The criticality of services provided by CS means there is emphasis, diligence and rigor on process adherence and risk management. The performance of CS services is audited and often reported to regulators.

People & Talent*

• This role is accountable of leading a team of technical people in delivering STS services. The focus on people development and people leadership is a significant part of this role.

Risk Management*

• This role is responsible for ensuring all Authentication and PIM services adhere to Group Risks Management Standards and all services are audit ready at any given time.

Governance*

This role is responsible for ensuring all Authentication and PIM STS services adhere to Group standards and all services are audit ready at any given time

Regulatory & Business Conduct*

• Display exemplary conduct and live by the Group’s Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Help the Authentication and PIM operations team with specific technologies to achieve the outcomes set out in the Bank’s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment].
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key stakeholders*

• Architecture, Site Reliability Engineering and Service heads who own the strategy and roadmap for CS.
• Project teams that deliver new services or improve existing services via projects or initiatives.
• Infrastructure support teams (servers, databases, networks, etc).
• Service Management team (change management team, major incident management team, support teams locally in countries where we operate, and CS services are consumed).
• Application support teams (other application teams that rely on STS services).
• Internal Risk Management teams and auditors.
• Technology and Innovation (CIO Function) team.

Other Responsibilities*

• Accountable for managing the SME team, address the gaps in the process, automate manual tasks and address any failures in the automation or systems supporting it.
• Responsible for managing SME tasks for some of the below services
• Authentication and PIM technologies BeyondTrust, ForgeRock, HashiCorp Vault. Secret Double Octopus.
• Identify tasks with repetitive nature and automate wherever feasible.
• Align and adopt SRE practices in day-to-day operations.
• Work closely with related teams, viz. platform, infra, SCM on a day to day basis.
• Able to Provide artefacts from the service when required.
• Work closely with business and other stakeholders to deliver their security requirements.
• Participate in security incident response activities.
• Be a subject matter expert within security production support by providing solutions to complex problem statements.
• Adoption of standard tools and techniques for support management including event monitoring, batch management for routine activities, resiliency, capacity and for other standard core support processes like Incident, Problem and Change.
• Ensure IT assets of STS are appropriately recorded and recertified; This includes maintaining list of security services, service and support ownership, assets – servers, software and relationship with upstream and downstream systems.
• Proactive review of production platform related risks or non-compliances like resiliency, capacity, obsolescence, event monitoring and reporting controls, and ensure full risks awareness is in place.
• Take part in on-boarding newer capabilities/products into production support by reviewing all non-functional requirements, service validation and ensuring compliance to technology delivery assurance.
• Contribute to product strategy and lifecycle, wherever applicable; Also ensure there are no redundancies of services within STS products and services.
• Conduct production service level reviews with all key stakeholders with STS.
• Contribute in security product roadmap and strategy.
• Support on-boarding of all newer capabilities into STS.
• Engage with other transversal technology services teams like data centre, database and platform support, ensuring there is adequate awareness of security tools, products and services, its significance to the security ecosystem for the bank.
• Establish and govern all service reviews with suppliers/vendors providing support services for STS.
• Plan and manage the financials (budget, forecasts, actuals) for Security Production Support and ensuring the spends do not overrun.
• Adoption of DevOps and industry standards and practices for Security Production support.

QUALIFICATIONS*

TRAINING, LICENSES, MEMBERSHIPS AND CERTIFICATIONS

• Minimum 6 years of deep technical experience in Cybersecurity design, architecture, and operations.

Must have hands on experience in designing, delivering, or managing (operations) in more than one of the following

• Authentication and PIM – BeyondTrust, ForgeRock, HashiCorp Vault. Secret Double Octopus.
• Hands-on knowledge of Java, Python and related tools (bitbucket, antifactory, etc.) with ability to automate manual tasks is preferred.
• Should have knowledge of SRE practices and has hands-on experience with managing production as per SRE standards and best-practices.
• Good knowledge and understanding on the below.
• Understanding on Linux/UNIX basics.
• Understanding of networking concepts.
• Working knowledge on Windows OS.
• Understanding of Information Security concepts.
• Basic understanding of Web Applications.
• Have good understanding of ITIL practices and ITSM tools.
• Has excellent track record in running complex application production / support environment.
• Has performed production tasks within the SDF/SDLC process.
• Has supported Problem Management, Change Management and Incident Management functions.
• Experience with enterprise data centre design, DevOps, and Cloud Computing.

Job Type: Contract
Contract length: 12 months

Pay: RM8,000.00 - RM15,000.00 per month

Benefits:

• Opportunities for promotion
• Professional development

Work Location: In person