Our client, one of the biggest technology companies in Asia, is seeking a highly skilled IT Security Manager to lead a team of security professionals responsible for protecting their technology ecosystem. You will manage security engineers covering areas like Product Security, Infrastructure Security, Offensive Security, DevSecOps, and Application Security. You will work at the intersection of cybersecurity and engineering to ensure robust security standards are in place.
In this role, you will get to:
Lead Engineering Security Efforts
Oversee security strategies for engineering teams, driving robust security standards across the company.
Collaborate with cross-functional teams to integrate security measures within development and operational workflows.
Ensure security tools and protocols are in place to protect user data, corporate information, and intellectual property.
Develop and Implement Security Solutions
Design and build scalable security systems that address specific threats to the environment.
Balance the use of off-the-shelf tools with the development of custom security solutions to meet unique challenges.
Evaluate new technologies and frameworks to enhance our client's security posture.
Foster a High-Performing Security Culture
Mentor and develop security talent within the organization.
Promote continuous learning and a proactive approach to identifying and mitigating security risks.
Work closely with the engineering teams to implement best practices in secure coding and architecture.
You'll be successful if you have:
7+ years of experience managing Security Engineering or DevSecOps teams, with a focus on cybersecurity.
Experience being a People manager who is ready to roll their sleeves up if required.
Strong track record in leading cybersecurity or software development projects using agile methodologies.
Proficiency in programming languages like Python and Java, and experience securing cloud platforms such as AWS and GCP.
Deep technical expertise in web, mobile, OS, and network security, as well as containerization, serverless functions, and microservices.
Hands-on experience with security testing (e.g., SAST, DAST, IAST, SCA), secure design, and secure application frameworks.
Excellent communication skills, with the ability to engage both technical teams and senior leadership.
A proactive, self-driven approach to bridging gaps between Software Engineering, Infrastructure Engineering, and Security Engineering.
Commitment to continuous learning, with a passion for staying ahead of emerging threats and technologies.
