Senior Security Engineer

14th month guaranteed
Performance bonus
Comprehensive benefits
Permanent, direct-hire by the client
Makati, 3 days onsite per week
Day shift, Monday to Friday

Client
The hiring company is a leading international financial services group with global headquarters in Toronto and operate across offices in Canada, Asia, and Europe.

Role Context

• Ensures that physical and virtual infrastructure support platform and software operations
• Selects, upgrades and integrates new technologies; maintains existing technologies
•  Documents critical dependencies and issues where necessary
•  Resolves critical technical issues relating to software or hardware
• Ensures that the information security requirements necessary to protect the organization’s core mission and business processes are adequately addressed
• Analyzes core reasons for security breaches and proactively takes steps to correct them
• Installs and operates firewalls, data encryption and security measures
• Responds rapidly to security breaches
• Builds code to specifications and standards
• Builds and codes moderately complex software
• Minimal time coaching teammates
• Contributes code across BUs
• Has positive impact to specific organizational entities & has some understanding of the nature of the impact
• Usually a top contributor to team’s success
• Analyzes core reasons for security breaches and proactively takes steps to correct them
• Responds rapidly to security breaches; promotes security and secure practices across the organization
• Designs, builds and defends scalable, secure, and robust systems; works on operational data center systems and networks; creates organizational understanding of advanced cyber threats; creates strategies to protect those networks
• Develops or implements open-source/third-party tools to assist in detection, prevention and analysis of security threats
• Installs and operates firewalls, data encryption and other security products and procedures; Implements protections to enhance cyber, access and data security
• Conducts periodic network scans to find vulnerabilities; conduct penetration testing, simulate attacks to find exploitable weaknesses
• Monitors networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior
• Leads incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage Key Shared Accountabilities:
•  Familiarity with agile and DevOps principles, test-driven development, continuous integration, and other approaches to accelerate the delivery of new features
•  Understanding of software development lifecycle
•  Understanding of how technology supports Manulife business strategy
• Experience designing, implementing and maintaining large-scale distributed systems
• Relevant certifications an asset: CISSP, CISA, CEH, CISM, ISSAP, ISSEP
• Mentors Associate Engineers
• Seeks coaching from experts
• Attends advanced training sessions and is certified on multiple domains of expertise
• Demonstrates all core skills, and good interpersonal skills for the role
• Good working and background knowledge of area of practice
• Use and combine knowledge of the discipline and the market to formulate the right approach
• Participates in functional demos utilizing new tech; designs own control structures
• Fit for purpose, though may lack refinement
• Sees actions partly in terms of longer-term goals
• Understands the corporate climate & culture
• Strong knowledge of the business
• Experience with anti-virus software, intrusion detection, firewalls and content filtering
• Knowledge of risk assessment tools, technologies and methods; experience in designing secure networks, systems and application architectures
• Disaster recovery, computer forensic tools, technologies and methods
•  Planning, researching and developing security policies, standards and procedures
• Experience with mobile code, malicious code, and anti-virus software
• Endpoint security solutions, including file integrity monitoring and data loss prevention
• AWS and cloud platform as a service (PaaS) security
•  Experience with relevant tools preferred: Automating security testing tools, Chef, Git\
• Collaborative attitude, willingness to work with team members; able to coach, participate in code reviews, share skills and methods
• Constantly learns from both success and failure
• Good organizational and problem-solving abilities that enable you to manage through creative abrasion
• Good verbal and written communication; effectively articulates technical vision, possibilities, and outcomes
• Experiments with emerging technologies and understanding how they will impact what comes next

Ideal Candidate

The candidate:

•  B.S. or M.S. in Computer Science or related field, or equivalent experience preferred
• Relevant certifications an asset: CISSP, CISA, CEH, CISM, ISSAP, ISSEP
• Collaborative attitude, willingness to work with team members; able to coach, participate in code reviews, share skills and methods
• Constantly learns from both success and failure
• Good organizational and problem-solving abilities that enable you to manage through creative abrasion
• Good verbal and written communication; able to effectively articulate technical vision, possibilities, and outcomes
• Experiments with emerging technologies and understanding how they will impact what comes next
• Performs technical security assessments, code reviews and vulnerability testing to highlight risk and improve security Decision Authorities:
• Able to achieve most tasks using own judgement
• Can lead smaller groups where required
• Drives 50% of the time in paired programming
• Good analytical skills, copes with complex situations through deliberate analysis and planning