Senior Security Engineer
Senior Security Engineer
We are looking for an experienced and proactive Senior Security Engineer for one of our clients. Reporting to the Senior Security Manager, the Senior Security Engineer will manage security incidents, conduct threat hunting with SIEM/SOAR tools, and support IT audits. You’ll oversee vulnerability assessments, security training, and IT security for vessels. Additionally, you will lead security projects, provide advisory for projects, and engage with external parties on cyber threats.
The ideal candidate will have at least 3-5 years of relevant experience in IT and Cloud Security. He/she will have good communication skills, be resourceful, self-organized, and a good team player.
Responsibilities
- Security Incidents
Perform investigations of security incidents.
Perform threat hunting using SIEM and SOAR tools.
Hands-on experience with security monitoring tools like Microsoft Sentinel or other relevant SIEM and SOAR platforms. - Audit and Governance
Participate in internal and external IT audits.
Maintain Incident Response Plans and IT policies.
Perform Vulnerability Assessment and Penetration Testing.
Conduct security awareness training for the organization.
Conduct phishing campaigns.
Design and review IT/Cyber security architectures.
Work with external parties (e.g., CSA, MPA) on the latest cyber threats and trends.
Assist in vessel IT security setup, review, audit, and remedial actions. - Projects
Manage security-related projects.
Act as Security Advisory for all projects.
Participate in Request for Proposal and Request for Quote processes.
Requirements
Education & Knowledge
- Degree in Information Security, Computer Science, or related disciplines with at least 3 years of relevant experience.
- Knowledgeable in IT Security, Cloud Security, and security standards such as NIST, ISO 27000, and IMO.
- Strong expertise in Azure Security Center, Microsoft Defender for Cloud, and Azure Policy for real-time cloud threat management and compliance.
- IT Security Management experience in various aspects (e.g., network security, server security, application security, endpoint security, email security, physical access security, logical access security) will be an advantage.
- Experience managing network security devices (NextGen Firewalls, IDS, IPS, UTM, NAC, AV, etc.), Windows, Linux, and networking services will be an advantage.
- Preferred Certifications: CCSP (Certified Cloud Security Professional) and Azure Security Engineer Associate are highly preferred, in addition to other certifications such as CISSP, CISM, or CEH.
- Strong hands-on knowledge and experience with security architecture and implementation of Azure Cloud Computing (IaaS, Containers, AKS, DevOps, CI/CD) is mandatory.
- Proficiency in automating security workflows within CI/CD pipelines, focusing on Azure DevOps integration.
- Ideally completed 2 or more of the following certifications: SC-200, SC-300, AZ-500, MS-500, and SC-100.
- Knowledge of Vessel IT will be an advantage.
- Familiarity with maritime cybersecurity standards such as IMO guidelines and TMSA (Tanker Management and Self-Assessment) is a strong advantage for vessel IT security.
Others
- UK MNC with a good corporate culture.
- 5-day work week (Centralised location).
We regret that only shortlisted candidates will be notified.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
