Software Security Lead / Senior Engineer

About SHOPLINE:

SHOPLINE is Asia’s largest smart commerce platform. With our customers in mind, we strive to deliver scalable commerce solutions to merchants of all sizes. We’re a full-featured platform with services including online store opening, O2O solution, retail POS systems, advertising placement, business strategy consultation, marketing, and more to empower merchants to succeed in omnichannel retailing and cross-border commerce.

What you’ll be doing:

• Ensure technologies meet security requirements including the company’s policies, external guidelines, regulatory expectations, and appropriate controls in information security, secure design, and cyber security.
• Work closely with the Devops and Development teams in architecture design and review to provide specific security expertise.
• Work with the Engineer Director and IT Director to define and assess the security strategies, architectures and practices.
• Develop and maintain security architecture artifacts.
• Act as a Security SME and provide implementation design to the application and Infrastructure team.
• Conduct Technical risk assessments to capture security exceptions and design associated compensating controls based on the assessment results.
• Define and maintain the infrastructure and application security framework and provide security assessments.
• Work closely with managed SOC service provider on the setup, daily operations and coordinating incident response
• Evaluate and assess new / emerging technologies to cope with changing risk of the E-Commerce environment.

Who we are looking for:

• Proven experience as a Cyber Security Architect or Information Security Consultant with design and architecture experience
• Proven experience building security reference architecture for all-in cloud deployments and hybrid scenarios
• Experience deploying applications in cloud-based platforms such as AWS and Google Cloud
• Experience with cloud security technologies and platforms such as cloud network policy and firewalls, data encryption and key management
• Subject Matter Expertise in enterprise security solutions such as
  • Identity and Access Management
  • IPS and Anti-DDOS
  • Security Incident and Event Management
  • Endpoint Protection
  • Data Loss Prevention
  • Mobile Security
  • Cloud Access Security Brokers
  • Experience with Incident Response within cloud environments and applications
  • Bachelor or Master Degree in Computer Science or related field
  • Excellent presentation and communication skills in English, Cantonese & Mandarin would be a plus

Powered by JazzHR