Loading...
Share this Job
Apply now »
01-May-2021

Senior Security Engineer

Category:  Transformation Office
Job Type: 
Facility:  Technology

Objective

- The job holder is required to be hands on, implement and enhance measures and controls for all of Cyber security matters for Transformation Office activities. 
- The job holder will engage in the world of risk management and mitigation.
- The job holder will coach and train technical and non-technical staffs on Security matters.

Key accountabilities (1)

A. Information Security
- Monitor all operations and infrastructure. This could be something you do by yourself, or you could be leading a team — either way, your daily bread and butter involves going through alerts and logs (the computer security equivalent of video surveillance) in order to keep an eye on Transformation office digital security footprint.
- Maintain all security tools and technology. 
- Monitor internal and external policy compliance, ensure that both customers, vendors and employees understand cybersecurity risk management policies and that everyone is aware and operates within that framework. 
- Monitor regulation compliance. This is particularly important in banking industry and we are dealing with things like credit card information, financial data, or other personally identifiable information.
- Implement new technology. If teams are looking at a new technology, you must evaluate it and help implement any controls that might mitigate the risk of its operation.
- Audit policies and controls continuously. Regularly auditing the policies and controls that are put into place. 
- Detail out the security incident response program. All policies, process should have a well-defined and documented plan of action to put into place if a security incident does occur.
- Be a critical resource for our engineering teams on all manner of security matters.
- Work side-by-side with Architects, Developers and Delivery Leads alike while addressing security concerns.
- Survey the backlog of Tribes, prioritize appropriately, and shepherd solutions through with persistence.
- Mentor and coach other members on Security matters.

B. Projects Management
- Oversee coordination and delivery of products across squads and ensure timely delivery of products in accordance to timeline set.
- Monitor and evaluate successful implementation of products while developing enhancements based on implementation results/responses.
- Design and set product development priorities with evaluation and inputs from Business and Data Tribes, ensuring products are delivered at the speed of markets.

Key accountabilities (2)

Key accountabilities (3)

Key Relationships - Line Manager

Technology Security Lead

Key Relationships - Subordinate

None

Key Relationships - Internal relationship

Teams within the Transformation Office and relevant departments in the Bank

Key Relationships - External relationship

Partners providing professional services

Success Profile - Qualification and Experiences

Bachelor's degree in Computer Science, Software Engineering or Information Technology
6 to 8 years of relevant experience in Cybersecurity related roles
English proficiency requirements are pursuant to Techcombank's policy
Experience teaching secure code practices in 1:1 situations or to large teams
Experience with DevOps processes in a Cloud/SaaS environment
Experience with secure mobile device development and mobile app pen testing
Experience with operating static and dynamic security scanning tools
Experience automating security tests into the development process
Understanding of common authentication and authorization methodologies
Experience in Agile Software Development with a strong understanding of Agile principles, practices and Scrum methodologies
Experience working in Agile teams to support digital transformation projects

Apply now »