Infrastructure and Application Security Specialist
· Evaluate emerging technology and implement state-of-art security tools to ensure the protection against cyber attack.
· Implement next-generation firewall and IPS and manage policy configuration.
· Configure and monitor Web Application Firewall policies and alerts.
· Deploy Mobile Device Management, VPN, Proxy, Data Leakage Prevention tool.
· Implement endpoint threat management services, including anti-virus, HIPS and harddisk encryption.
· Manage anti-virus and patch update program for all servers and workstations.
· Deploy Encryption Key Management to protect DB secret management, PKI and encrypting keys securely.
· Perform vulnerability assessment scan, provide consultation and follow-up vulnerability remediation from vulnerability assessment scan.
· Perform XRAY scan, static and dynamic application security testing for vulnerabilities and embed security tools in Jenkins pipeline.
· Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or IT related field.
· 3-7 years’ experience in network security, application security, vulnerability management, encryption key management, and/or solution design/configuration of security tools.
· CISSP, CISM, GIAC, and/or CEH certifications preferred
· Knowledge and experience in network security, application security, vulnerability management, encryption key management and/or solution design/configuration of security tools.
· Good command of written and spoken English.
· Good interpersonal skills – able to communicate effectively with various levels (from end-users to executives).
· Logical & systematic approach to problem solving