ลักษณะงาน
Job Summary:
IT Security Engineer will be responsible for system security architecture, implementation and security of web application firewalls, IDs/IPS, web filters as well as vulnerability assessment and network/application penetration testing. Focus on improvement for security testing to identify and rectify security risks and providing recommendations for remediation. Hands-on-experience is required for network and application security device configuration and management.
Key Responsibilities:
- Monitor information system security weaknesses such as Security Audit, Vulnerability Assessment, Network / Application Penetration Testing and Security Hardening.
- Risk assessment and operational control of information in accordance with security policies.
- Implement and manage vulnerability assessments related to computer systems, networks and information.
- Design system security architecture and develop detailed security designs.
- Identify and define system security requirements.
- Monitor and enforce guidelines for best practices information security.
- Report and recommend countermeasures and remediation techniques to eliminate vulnerabilities.
- Provide advisory on technology risks and security controls to Junior IT Security Engineer.
- Proactively search for security threats and risks within data before attacks occur.
- Work with team to enhance, develop, and maintain strong technical knowledge of system security.
- Keep abreast of current cyber security news and events.
- Other assignments as required.
คุณสมบัติผู้สมัคร
1. Bachelor’s Degree or higher in Cyber Security, Computer Engineering, Computer Science, IT or related field. 2. Experience in information security / Cyber Security is required. 3. Sound knowledge of Risk Management, Firewall, IDS/IPS, Data Encryption, Platform Operating System (Linux, UNIX, Windows, etc.), TCP/IP and Network Administration/ Protocols/ OWASP top 10, and IT Security International Standards. 4. Possesses knowledge of system security vulnerabilities and techniques/tools, e.g. Nessus, Nikto, Nmap, Metasploit framework etc. 5. Follow emergence of new vulnerabilities and exploitation techniques. 6. Identify web attack vectors, e.g., SQL injections, XSS, CSRF, session-hijacking, etc. 7. Network / Computer Security Certifications such as CompTIA Security+, CCNA, MCSE, CEH and CISSP would be advantage. 8. Good communication skills in both verbal and written format. / Good logical skills and problem solving. 9. Ability to work under pressure, to continually learn, be trained and accept constructive feedback required. / Willing to work as a team and ability to work independently on assigned tasks.
