IT Security Engineer

The successful candidate is responsible for identifying vulnerabilities and working with SABECO Head Office and IT department to resolve them, ensuring that our network and data remain secure. So, we are looking for an experienced information security person to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches.

To support IT Manager in the following:

1. IT Governance

- Develop, formalize and specify systems, processes, and methodologies to ensure effective monitoring, control, and support of service delivery functions (working with security team on deep technical and IT Risk knowledge for Security Software …).

- Keep up to date with developments in IT security standards and threats.

2. IT Security (Cyber Security, System Security, Network security)

- Identifying vulnerabilities in-branch IT infrastructure.

- Liaising with IT Department on Patch & Vulnerability remediation.

- Cyber security thread management (Incident response, thread intelligence, Vulnerability identification and remediation supervising, security monitoring to detect Backdoor, D-Dos, Spoofing, Phishing, Clickjacking…).

- Performing penetration tests to find any flaws.

- Monitoring network usage to ensure compliance with security policies.

3. Technology Risk Management

- Collaborate with IT team to improve security/risk and control.

- Review branch IT Risk Acceptance (maker level).

- Support Audit matters for administrative jobs.

4. Access Management:

- Evaluate access identification, access revocation and access modification for end-users, management of privileged user access into IT components including intranet system, application, and internet connection

- Oversight privileged access by CyberArk system (maker level).

- Review changes to production systems (maker level).

5. Information management

- Conduct training annually at branch level and PDAPD.

- Email control (reminds user, train user, advise the user on suspicious email).

- Raise awareness on IT risk and control to functional business unit.

Other jobs assigned by Line Manager.

- Bachelor’s Degree in IT.

- Experience in an information security role (At least 3-5 years of work experience related to information security analysis, security assessment or penetration testing and preferably with experience working in FMCG).

- Having good knowledge and experience in information security: FW, IPS, NAC, VPN, Endpoint Security, App & DB security, Proxy, Microsoft Sentinel, Azure Security, AWS Security ...

- Having technical skills: OS: Windows, Linux/AIX, Firewall: Palo Alto, CheckPoint, Fortinet.

- Professional information security certification is a priority (CISSP, CISA, CEH is credit).

- Good command of English in speaking and writing.

- Good problem-solving and analytical skills.

- Good interpersonal and communication skills.