Senior Security Engineer
We are looking for an experienced and proactive Senior Security Engineer for one of our clients. Reporting to the Senior Security Manager, the Senior Security Engineer will manage security incidents, conduct threat hunting with SIEM/SOAR tools, and support IT audits. You’ll oversee vulnerability assessments, security training, and IT security for vessels. Additionally, you lead security projects, provide advisory for projects, and engage with external parties on cyber threats.
The ideal candidates would have at least 3-5 years of relevant experience in IT and Cloud Security. He/she will have good communication skills, be resourceful, self-organized and a good team player.
Responsibilities
· Security Incidents
o Perform investigations of Security incidents.
o Perform threat hunting using SIEM and SOAR tools.
o SIEM/SOAR Tools: Hands-on experience with security monitoring tools like Microsoft
Sentinel or other relevant SIEM and SOAR platforms.
· Audit and Governance
o Participate in internal and external IT audits.
o Maintain Incident Response Plans and IT policies.
o Perform Vulnerability Assessment and Penetration Testing.
o Conduct Security awareness training for the organization.
o Conduct phishing campaigns.
o Design and review IT/Cyber security architectures.
o Works with external parties (eg; CSA, MPA) on the latest cyber threats and trends.
o Assist in vessel IT security setup, review, audit and remedial actions.
· Projects
o Manages Security related projects.
o Acts as Security Advisory for all projects.
o Participate in Request for Proposal and Request for Quote process.
Requirements
Education & Knowledge
· Degree in Information Security, Computer Science or related disciplines with at least 3 years of relevant experience.
· Knowledgeable in IT Security, Cloud Security, and security standards such as NIST, ISO 27000 and IMO.
· Azure Cloud Security: Strong expertise in Azure Security Center, Microsoft Defender for Cloud, and Azure Policy for real-time cloud threat management and compliance.
· IT Security Management experience of various aspects, e.g. network security, server security, application security, end point security, email security, physical access security, logical access security, etc will be an advantage.
· Knowledge managing network security devices (NextGen Firewalls, IDS, IPS, UTM, NAC, AV, etc.), Windows, Linux, and networking service will be an advantage.
· Preferred Certifications: CCSP (Certified Cloud Security Professional) and Azure Security Engineer Associate are highly preferred, in addition to other certifications such as CISSP, CISM, or CEH.
· Strong hands-on knowledge and experience with security architecture and implementation of Azure Cloud Computing (IaaS, Containers, AKS, DevOps, CI/CD) is mandatory.
· Proficiency in automating security workflows within CI/CD pipelines, focusing on Azure DevOps integration.
· Ideally completed 2 or more of the following certifications: SC-200, SC-300, AZ-500, MS-500 and SC-100.
· Knowledge of Vessel IT will be an advantage.
· Maritime Cybersecurity: Familiarity with maritime cybersecurity standards such as IMO guidelines and TMSA (Tanker Management and Self-Assessment) is a strong advantage for vessel IT security.
Others
• UK MNC and good corporate culture
• 5-day work week (Centralised location)
To apply, please send your CV to [email protected]
We regret that only shortlisted candidates will be notified.
