Information Security Engineer II

Our client is a High growth Strongly Backed Saas Startup from South-East Asia which offers solutions like identity and mobile device management, IT helpdesk support, and security compliance. It’s designed for founders, IT admins, and HR professionals who need scalable, cost-effective solutions. The platform’s users benefit from streamlined processes, helping them maintain security and productivity without needing extensive IT resources.

The Role

We are seeking a highly skilled and experienced Security Engineer II to join our Information Security team. The ideal candidate will have a strong background in information security and privacy regulations, including ISO27001, GDPR, SOC2, and CCPA. This role requires hands-on experience in vulnerability assessment and penetration testing (VAPT), code review, endpoint security, data loss prevention (DLP), and privacy. You will be responsible for implementing and managing security measures to protect our company’s digital assets and ensure compliance with relevant regulations and standards.

You Will Be Responsible For

• Ensuring compliance with ISO27001, GDPR, SOC2, and CCPA standards.
• Developing, implementing, and maintaining security policies and procedures.
• Conducting regular audits and assessments to ensure compliance with relevant regulations and standards.
• Performing regular vulnerability assessments and penetration tests (VAPT).
• Identifying security vulnerabilities and providing actionable recommendations.
• Collaborating with development and IT teams to remediate identified vulnerabilities.
• Conducting thorough code reviews to identify and mitigate security risks.
• Collaborating with development teams to integrate security best practices into the software development lifecycle.
• Implementing and managing endpoint security solutions to protect organizational assets.
• Monitoring and responding to endpoint security incidents.
• Ensuring all endpoints comply with security policies and standards.
• Implementing and managing DLP solutions to protect sensitive data.
• Monitoring data flows to detect and prevent data breaches.
• Developing and enforcing data protection policies and procedures.
• Implementing and managing privacy controls to protect personal data.
• Conducting privacy impact assessments and managing data subject requests.
  
  

Ideal Profile

• You have a Bachelor’s degree in Computer Science, Information Security, or a related field.
• You have at least 5 years of experience in information security.
• You possess strong knowledge of ISO27001, GDPR, SOC2, and CCPA regulations.
• You are Certified in CISM, CISA, or OSCP.
• You have hands-on experience with VAPT tools and methodologies.
• You are Proficient in code review and secure coding practices.
• You have experience with endpoint security solutions and incident response.
• You possess knowledge of DLP technologies and data protection best practices.
• You have a strong understanding of privacy regulations and controls.
• You are experienced with cloud security (AWS, Azure, Google Cloud).
• You have Excellent problem-solving and analytical skills.
• You like to work independently and have strong communication and interpersonal skills.
  
  

What's on Offer?

• Work alongside & learn from best in class talent
• Excellent career development opportunities