Position: Cybersecurity Engineer 1
This Security engineer position will support the global team working third shift US hours and daytime Tuesdays through Saturdays in Malaysia.
The Security Engineer will be responsible for deploying, tuning and maintaining security policies and enhancements to protect company sensitive and confidential information to mitigate security threats to the corporate network, assets, data, and users.
The Engineer will provide a more advanced set of skills to bring forward real engineering experience that can be used to install and utilize software, such as next-gen intrusion prevention, anti-malware, data loss prevention, to help protect company's data and sensitive information.
This position requires the person has done the research necessary to stay abreast of the latest information technology security trends and software and can use this knowledge to help prevent security breaches. The engineer will be responsible for carrying out day-to-day functions such as project tasks, operational tasks, and providing effective controls and metrics.
Must be able to think independently and recognize when executing a task could lead to a potential new risk or unforeseen negative outcome. They must be able to mitigate those risks or escalate the issues to management.
KEY RESPONSIBILITIES AND DUTIES:
(30%) Handle day-to-day implementation, monitoring and operational support of hardware, software, customer applications, managed solutions and service provider relationships
(20%) Engage in information security projects that evaluate existing security infrastructure and proposes changes as defined by security leadership and architects
(20%) Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected
(20%) Respond to and handles service and escalation tickets within SLA expectations
(10%) Develop security test plans from architectural design. Identifies deficiencies and make enhancements to ensure production is not impacted
QUALIFICATIONS:
Required Skills:
Understanding of application protocols, development and attack vectors
Good cybersecurity capabilities and network and computer engineering skills
Ability to create dashboards, alerts and automatic reports
Understanding of key security controls with demonstrated experience in information system security controls and countermeasures
Ability to understand business processes and provide solutions that align with those processes
Familiarity with more advanced security solutions such as SIEM, IDS/IPS, EDR, data encryption, and other endpoint, network or data security tools
Advanced working knowledge of key IT technologies such as TCP/IP, operating systems, network topologies, Active Directory, scripting languages, and the OSI model
Advanced ability to troubleshoot technical problems for the purpose of responding to support incidents
Must have strong analytical skills
Thorough understanding of change management and ability to work under the required guidelines and deliver on business/project requirements
Advanced user of key back office applications such as Excel, PowerPoint, Outlook and Word (or similar)
Must possess excellent communication skills
Must possess good time management and organizational skills
Bachelor's degree in Information Systems (or related field) or equivalent experience.
4+ years in network security engineering and operations in an Enterprise environment.
4+ years of experience in IT, or related area, with a focus on security tool technology, security management and policy enforcement.
Hands on experience supporting security requirements of a large, global enterprise environment.
Desired Skills:
Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
Proven experience supporting security initiatives in a largescale, complex, global organization
Knowledgeable in the use of troubleshooting and debugging tools
Experience with testing of security tools
Excellent problem solving and time management skills.
One or more IT Security related certifications is highly preferred, such as CISSP, SSCP, CCIE, CISM or CEH.
Understanding of Security Information and Event Management (SIEM) with knowledge of log collection, parsing of log files and how this data can be effectively used to mitigate risk and respond to threats.
Knowledgeable in scripting languages and the use of regex.
It has been and will continue to be the policy of American International Group, Inc., its subsidiaries and affiliates to be an Equal Opportunity Employer. We provide equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.
