About the role
Vyond is now seeking for a talented Security Engineer. You will be relied upon to provide engineering and product teams with the security expertise necessary to reach confident and safe corporate decision and will help identify security risks, carry out security reviews, implement security controls and security monitoring in an SaaS environments.
In your role as Security Engineer, you will help the company implement established information security policy. You will contribute to the implementation and maintenance of our information security program, such as:
Duties:
- Review daily company processes and ensure the needed controls are in place throughout the Plan-Do-Check-Act cycle.
- Implement tracking to measure effectiveness of the corporate information security program.
- Implement security controls in accordance with established security policies.
- Conduct security evaluations against 3rd party vendors.
- Assist in security risk assessments initiated by internal or external parties.
- Other ad-hoc duties assigned by the Security Manager.
Qualification:
- Bachelor Degree in Computer Science, Information Systems, or a related field.
- Good knowledge of application-level security including secure coding, security testing practices and verifying application vulnerabilities.
- Experience with browser security controls and web application security best practices.
- Experience communicating security concerns and issues to non-technical audiences.
- (Nice to have) Exposure and knowledge of data compliance.
- 2+ years of experience working in an information security-related capacity is mandatory.
- Good command of English, both spoken and written.
- Good at collaborating with different parties, while also able to work independently as needed.
- Understanding of Web Development, Web Security and SDLC is a plus.
- Capability to multi-task effectively.
- Attention to detail and think-outside-the-box mentality.
- Holder of security certifications in good standing is an advantage.
- Knowledge and experience of information security frameworks, established compliance standards (e.g. ISO27001, PCIDSS) and data privacy legislations is an advantage.
This is NOT an information security auditor or a network security engineer role. The role requires a hands-on approach to actually help devise solutions and make things happen.
This is an opportunity to work for a dynamic company recognizing security as a core value. Less experienced candidate might be appointed as Junior Security Engineer.