Security and Compliance Engineer - Taiwan

Xfers infrastructure and security team is seeking a passionate security engineer who enjoys implementing a full suite of digital and physical security solution. The ideal candidate revels in revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of all of our clients and user. You will be relied upon to provide engineering and product teams with the security expertise necessary to make confident product decisions, and also to help us comply with ISO27001 and MAS TRMG security guidelines on a daily basis.

Responsibilities

• • Provide security guidance on a constant stream of new products and technologies

  • Take a leadership role in driving internal security and privacy initiatives

  • Conduct regular security assessments and code reviews

  • Work with external security auditor to get certified regularly

  • Implement and enforce security and access control processes and protocol

  • Maintain an active security risk register, creating audibility in our security processes to comply with ISO27001 and MAS TRMG security audit standards.

  • Design, develop, and deploy applications to monitor cloud Infrastructure security and detect intrusions

  • Deploy open-source tools or develop in-house solutions for OS hardening, access logging & analysis

  • Build features or tools to ensure strong security in our products and API

  • Conduct initial incident triage; determine scope, urgency, and potential impact of security incidents; lead and coordinate the incident response process

Minimum Qualifications

• • B.S. or M.S. Computer Science or related field, or equivalent experience

  • Basic coding, data structures and algorithm skills

  • Experience in DevOps, Networking and Cloud platforms

  • Enthusiasm for the constant fight to ensure security and privacy on the internet

  • Expertise with an interpreted programming language (PHP, Python, Perl, Ruby, etc)

  • Extensive knowledge of internet security issues and/or mobile security issues

  • Excellent communication abilities

  • Ability to follow and adhere to security procedures

Ideal Qualifications

• • Possess a CEH / CISSP or equivalent security certification

  • Have gone through at least 1 cycle of security audit for ISO27001, SOC1/2, MAS TRMG, PCI-DCSS