Network Security Product Engineer
- Kuala Lumpur, Malaysia Kuala Lumpur Kuala Lumpur MY
- Permanent, Full time
- Standard Chartered Bank Malaysia Berhad
- 20 Sep 18 2018-09-20
Network Security Product Engineer
Job Description - Network Security Product Engineer
Business Title: Network Security Platform Specialists
Business Unit: ITO, Technology Services, Security Technology Services
Job Family: Security Technology Services
Reports Directly to: Network Security Service Domain Lead (Network Security Survillience)
Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services" .
The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of Bank's business operations; and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
As part of the Security Transformation activities within SCB, a new Network Security Service has been created. This requires a highly skilled and experienced Cyber and Network Security professional to work with the domain lead to deliver and operate network security monitoring capabilities to detect and respond to security events and improve Bank's network security posture in order protect the Bank from complex cyber threats.
· Implement and operate network security monitoring solutions network security monitoring capabilities to detect and respond to security.
· Write, test and deploy network intrusion detection signatures using snort rules syntax.
· Work with network teams to ingest network flow for advanced security analsysis.
· Support domain lead and Cyber Defence Centre in the detection and response to complex network incident escalations and investigations.
· Configure network security response patterns in accordance to input from Cyber Threat Intelligence and Cyber Defence Centre.
· Provide feedback and assistance to product engineering teams on the evolution of network security monitoring and response products and their alignment with the changing needs and requirements of the banks business.
· Support product security risk assessments.
· Participate and contribute on product security incident response, and other related activities.
· Interface with other technical departments such as Cyber Defence Centre, Cyber Threat Intelligence etc.
· Support key Cyber Defence Centre in performing advanced analysis and troubleshooting of network security events; determining root cause to facilitate resolution in conjunction with administration and operational staff.
· Engages peers in technical dialog considering new ideas and applicability to the banks environment.
· Security Technology Network Security Service Domain heads
· Head of Networks Engineering
· Head of Cloud Engineering
COMPETENCIES (KNOWLEDGE & SKILLS):
· Minimum 10 years experience in Banking, Information Security Technology
· Minimum 5 years experience in Network Security Design, Architecture or Engineering
· Highly entrepreneurial with a high level of energy, dedication and an unrelenting drive to success and win
· Strong sense of personal ownership and responsibility in accomplishing the organisation's goal. Exudes confidence and will roll-up his/her sleeves to drive success
· Able to get things done in a quick-paced environment. Be transparent and open around what doesn't work and what does
· Strong Technical skills and good understanding in Network Security Technologies, including but not limited to Firewalls (including Web Application Firewalls), Intrusion Prevention, Breach Detection, Secure Web Access Gateways, DDoS mitigation solutions
· Excellent communication skills - oral, written and presentation; technical reporting writing across various types of tareget audiences
· Automation-Obsessed - a passion to automate processes and drive out manual intervention and can take an IOC from the threat intelligence team and automate its deployment in an efficient, repeatable and measurable way
· Strong sense of urgency and good under pressure
· Understanding of developing in a regulated environment and adhering to a quality management system
· Demonstrated positive work ethic with a strong commitment to achieving project goals
· Knowledgeable with Security requirements and secure coding standards, e.g., NIST SP 800-53, ISO/IEC 27001, OWASP
· Knowledge of various networking and connectivity protocols, encryption, web and cloud technologies.
· Excellent knowledge of networking fundamentals