job description
About the Role
Are you a seasoned and proactive Security Engineer eager to safeguard critical financial infrastructure against sophisticated cyber threats? Hong Leong Bank, a premier financial institution known for its unwavering commitment to innovation and security, is actively seeking a talented individual to join our high-performing cybersecurity team in Selangor, Malaysia. In today's increasingly digital world, the integrity, confidentiality, and availability of our systems and customer data are paramount.
As a Security Engineer, you will be at the forefront of protecting Hong Leong Bank's digital assets, contributing significantly to our robust security posture. This is a pivotal role that offers the opportunity to work with cutting-edge security technologies, implement best practices, and collaborate with diverse teams to ensure compliance with industry standards and regulatory requirements. You will be instrumental in identifying potential vulnerabilities, designing resilient security architectures, enhancing our incident response capabilities, and deploying preventative measures to counteract emerging threats.
We are looking for a passionate individual who thrives in a dynamic, challenging environment and is dedicated to continuous learning in the ever-evolving field of information security. If you possess a strong analytical mind, a deep understanding of cybersecurity principles, and a passion for defending against cyber risks within a leading banking environment, we encourage you to apply. Join Hong Leong Bank and contribute your expertise to a mission-critical function that directly impacts the trust and security of millions of customers.
Responsibility
- Design, implement, and maintain robust security systems, controls, and policies to protect the bank's information assets and infrastructure.
- Conduct regular vulnerability assessments, penetration testing, and security audits to identify and remediate weaknesses in systems and applications.
- Monitor security events and alerts, performing in-depth analysis and coordinating prompt incident response efforts to mitigate threats.
- Develop and enforce security standards, procedures, and guidelines in alignment with industry best practices (e.g., ISO 27001, NIST, BNM RMIT).
- Evaluate, recommend, and integrate new security technologies and solutions to enhance the bank's overall security posture.
- Collaborate closely with IT, development, and business teams to embed security into the Software Development Life Cycle (SDLC) and ensure secure system configurations.
- Provide expert security guidance, training, and awareness programs to internal stakeholders to foster a security-conscious culture.
- Stay abreast of emerging cyber threats, attack vectors, security vulnerabilities, and cutting-edge security technologies.
Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a closely related technical field.
- Minimum of 3-5 years of progressive experience in information security, with a proven track record as a Security Engineer in a corporate or financial services environment.
- Strong understanding of network security principles, operating systems (Windows, Linux), cloud security architectures (Azure/AWS), and modern web application security.
- Proficiency with security tools and technologies such as SIEM, IDS/IPS, WAF, DLP, vulnerability scanners, endpoint detection and response (EDR), and privileged access management (PAM).
- Demonstrated experience with security frameworks and compliance standards including ISO 27001, NIST, and local regulatory requirements (e.g., BNM RMIT).
- Relevant professional certifications such as CISSP, CISM, CEH, CompTIA Security+, CCSP, or equivalent are highly desirable.
- Exceptional analytical, problem-solving, and critical thinking skills with meticulous attention to detail.
- Excellent verbal and written communication skills, with the ability to articulate complex security concepts to technical and non-technical audiences.