HCL Technologies

Overview of job

HCLTech partners with ANZ Bank which is one of the BIG4 Australia-based banks to build engineering teams for cutting-edge digital transformation projects.

Are you ready to take the role in shaping the future of banking? We are pioneers in revolutionizing the banking experience. As we embark on an ambitious digital transformation journey of our client ANZ Bank – an Australia's top global banks, we are looking for visionary experts/engineers to join a dynamic squad of skilled engineers, shaping the future of banking through cutting-edge technologies.

ABOUT THE ROLE

Our purpose is to shape a world where people and communities thrive. We are making this happen by improving our customers’ financial wellbeing so they can achieve incredible things – be it buying their home, building a business or saving for things big or small.

We are looking for a talented Cloud Security Engineer to work within our Assurance Chapter, with the Security Partner, to manage and improve the security controls posture of our platform by providing a detailed technical view to understand security threats and potential exposures.

DUTIES AND RESPONSIBILITIES

We are looking for a Security Consultant/Expert who will take the following responsibilities:

• Provide architectural consulting expertise across multiple domains and projects
• Develop architectural specifications which ensure good security practices and management of cyber risks within the security environment
• Present these architectural decisions at relevant forums to gain necessary approvals
• Assess the operational security requirements for specific projects
• Perform security assessments as requested
• Evaluate technology risk, security and compliance standards
• Identify and assess information security exposures introduced/impacted with the application or business change
• Identify additional controls relevant for the change
• Advise if solutions meet ANZ Bank’s information security standards and reference architectures
• Confirm, certify, and advise on compliance with cyber security regulations such as APRA-CPS234, GDPR, IRAP, PCI-DSS
• Advise on application security vulnerabilities and complete automated security checks
• Manage stakeholder relationships across the tribe – be the conduit between security and the business

***Note: We highlyappreciate your interest in this position of HCLTech Vietnam. After reviewing all applications, only qualified candidates will be contacted for the next steps within 15 days from date of submission

*** Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Security or a related field
• At least 7-10 years of experience in cyber security (preferably in the financial sector)

*** Must-have skills

• Professional certifications such as CISSP, CISM, CEH or the equivalent
• In-depth knowledge of security frameworks and standards (e.g., NIST, COBIT)
• Proven experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, and encryption
• Experience in developing architectural specifications which ensure good security practices and management of cyber risks within the security environment
• Experience in security risk analysis, assessment, and mitigation
• Experience with Cloud security (we prefer Google Cloud Platform (GCP) but either AWS Cloud or Azure Cloud is fine), DevSecOps, and application security
• A knowledge of emerging security threats and mitigation strategies
• A knowledge of software development lifecycle, CI/CD tools and performing code reviews
• Contributions to Vulnerability Management findings, triage, and action recommendations
• Research and analysis skills to identify new security automation opportunities
• Ability to communicate effectively with security and non-security stakeholders to solve everyday problems
• Excellent command of English verbal communication
• Good mindset when working directly with customer (be adaptable with continuous changes in customer’s requirements)
• Strong analytical, problem-solving, and decision-making skills

*** Nice-to-have skills

• A background in financial services security and compliance
• A knowledge of Google Cloud Platform (GCP) and Kubernetes
• Experience in designing controls for SaaS- and PaaS-based services
• Experience in the design and architecture of new software systems and integrations
• Strong development experience in languages such as Go, Java or the similar
• The Supplier will work closely with the Product Area Leaders and Product Owners to deliver the service.
• Additional skills requested by customer: Knowledge of cloud computing environment with a preference on GCP but AWS or Azure would also suit. Knowledge of CICD and the ability to review pull requests for potential security issues and applied knowledge of threat modelling in a solution design context