Information Security Engineer

X-FAB is seeking a Security Engineer to safeguard our global IT infrastructure. You will be responsible for protecting X-FAB's digital assets by implementing robust defenses against cyber threats. This includes conducting vulnerability assessments, developing countermeasures, and ensuring compliance with IT security standards. You will also play a key role in enhancing security awareness through employee training and advising management on strategic security investments. As a member of the Global IT Security Team, you will collaborate with other Security Engineers to ensure adherence to X-FAB's IT security standards and industry best practices.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Security, Information Technology, or related field.
• Candidates with at least 5 year(s) of working experience in the related field are added advantage for this position.
• Must be able to work independently with minimum supervision.

Preferred Qualifications

• In-depth knowledge of information security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework, PCI DSS).
• Proven experience in developing, implementing, and maintaining IT security policies, procedures, and standards.
• Strong understanding of risk assessment and management methodologies.
• Excellent analytical and problem-solving skills to identify, assess, and mitigate security risks.

Responsibilities:

• Understanding complex technical issues and managing them within a fast-paced business environment.
• Maintaining all the software and hardware appliances in relation to security.
• Identifying current and emerging technology issues including security trends, vulnerabilities, and threats.
• Sourcing and implementing new security solutions to better protect the organization.
• Conducting proactive research to analyze security weaknesses and recommend appropriate strategies.
• Develop best practices and security standards for the organization.
• Maintain systems plus controls to protect unauthorized access, disclosure, modification, and deletion of information through resources and computer networks.
• Research opportunities to improve information security standards and identify best practices.
• Designs and implements procedures and controls necessary to protect information systems and data.
• Provides guidance and direction both within information security and among users for the physical protection of information system assets, organization information, and customer data.
• Enhanced systems by implementing and maintaining information security controls.
• Conduct routine security risk analysis, evaluate business needs against collision, vulnerabilities and search resulting risks.
• Assist fellow employees with IT security needs.
• Perform regular security audits using tools and provide reports.
• Liaising with vendors to implement security solutions.
• Providing out-of-hours support coverage when scheduled to the support region.
• Documentation.
• Perform any other duties as assigned.

Skills:

• Good knowledge of technical & administrative skills in various operating systems, including Microsoft Windows & Linux.
• Extensive knowledge of operating system and database security.
• Good knowledge of IT Security Design Architecture, OSI model, TCP/IP model, Network Security and Protocols.
• Good knowledge and experience with security infrastructure (Firewalls, IDS/IPS, SIEM, Anti-Malware, DRM, DLP, vulnerability scanners, etc.).
• Good knowledge and familiarity of IT networking fundamentals (TCP/IP, DNS, Switches, Routers, RADIUS/TACACS+, etc.).
• Able to develop security concepts, and participation in the definition of secure IT architectures and IT solutions.
• An analytical mind with excellent problem-solving ability.
• Outstanding decision-making, communication, and organization skills.
• Team player with well-developed interpersonal skills who is comfortable in a cross-functional, multi-cultural environment.