Senior Data Security Engineer

1. Be responsible for security incident and event response and aid in threat and vulnerability research, including triage, remediation and documentation.

2. Be responsible for the assessment, verification, review, and audit of security/privacy controls and overall security posture across the organization.

3. Perform forensic testing, review test results, and collaborate with business stakeholders to establish sustainable resolution plans for vulnerabilities, gaps, and control deficiencies.

4. Develop situational awareness, stay informed on current technology and vulnerabilities, and utilize current information security disciplines and industry standards to ensure the confidentiality, integrity, and availability of information assets

5. Improve the overall strategy, operations, and risk management of Data Security

6. Design, develop, document and deploy enterprise security solutions to safeguard data and privacy.

7. Contribute to the development of security policies, security standards, and risk governance reporting processes in collaboration with cross-functional teams to continuously improve data governance.

8. Uphold data security by implementing DLP rules, monitoring of sensitive data access, and developing data cataloging tools for search and discovery, data lineage, and data quality improvements.

-The base salary range for this position is $93,600- $218,400 annually

The range displayed on each job posting reflects the minimum and maximum target for new hire base salary for the position across our US office locations. Individual pay is determined by a number of factors, including job-related skills, experience, and relevant education and training. This role may be eligible for additional discretionary bonuses and/or incentives, as well as a comprehensive benefits package.

Requirements

1. Experience with information technology at scale

2. Knowledge of PCI DSS, GDPR, ISO27701, NYDFS 500, or other regulatory frameworks.

3. Experience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.

4. Familiarity with classes of vulnerabilities and appropriate remediation of industry-standard classification schemes (CVE, CVSS, CPE).

5. Information security monitoring and response or related experience; In-depth and up-to-date understanding of the threat landscape and the techniques to defend against them – including tactics, techniques, and procedures.

6. Experience writing scripts (Python, Perl etc) and SQL, Konw how of Identity Lifecycle Management, Data Loss Prevention, Data Security, Security Assurance, or similar areas in a medium or large corporate environment.

7. Hands-on experience in the assessment, design, implementation, and configuration of data security products.

8. High ethical standards, personal integrity, and the ability to professionally handle confidential matters.

9. Fluent English and Mandarin.

10. FINTECH security experience is preferred.