Senior Security Engineer
• Risks and vulnerabilities assessments with commercial tools and techniques and regular follow up with stakeholders for remediation. • Reviewing client issues and taking steps to remediate security threats and incidents. • Management of escalation process, incident response, review of incident reports, and conduct Root Cause Analysis (RAC). • Familiar with PortScan, Firewall Feature & Rules Assessment, Webservices assessment, WAF, Exploits Scanning. • Familiar with PCIDSS, PDPA or OWASP. • Assist SOC response (such as EDR/DLP/SIEM detection) and of any IT Security Incidents, Forensic and remediating gaps. • Oversee the company vulnerability management program and follow up on remediation (patching or hardening) • IT Security Audits - Security risk assessment and key control testing such as BrokenAUTH and Session, Insecure Cryptography, hash, 2FA access, account hygiene issue, AAA issue. • To conduct Awareness program and presentation on rotational basis. • Hands on experience working with cloud technology AWS, Azure, GCP, GitHub, Kubernetes and native security tools.