ROLE SUMMARY: The IT Security Engineer is responsible for implementing, operating and maintaining security technologies and controls to protect company's IT infrastructure, application and data in line with BNM RMiT requirements, internal policies and industry best practices. This is a critical role as part of IT in managing daily security operations, changes, monitoring and responding to cyber threats and incidents, vulnerability management and ensuring compliance with regulatory and audit requirements. This role requires strong technical hands-on capabilities, deep knowledge of security technology and tools, proactively strengthening security postures. MAIN RESPONSIBILITIES Security Monitoring and Incident Management Working with external SOC providers in managing SIEM logs, cyber alerts, endpoint protections, email security and threat intelligence feeds. Investigate, triage and take necessary proactive measures including timely escalate to management. Threat and Vulnerability Management Conduct periodic vulnerability assessment of the IT application systems, system management, network and communication infrastructure, and security infrastructure. Analyze the logs of the various systems including firewalls, IDS/IPS, etc for initiating preventive and/or corrective measures. Continuously monitor, measure, and report security posture to management. Identity and Access Management (IAM) Ensure that processes exist for the creation, modification, access privileges and deletion of user id. Review access rights regularly to enforce least privilege for both users and system administrators, and segregation of duty within IT. Review Privileged access activities. User access management. Security Technology Administration Work with external consultants or IT security service providers as appropriate for security audit and solution. Maintain and operate security tools such as firewalls, EDR, WAF, Proxy, email security, DLP, IPS, VPN, NAC, etc. Perform health checks, updates and configuration reviews of security systems. Recommend and implement security solutions to enhance resilience and compliance. Security Baseline and Hardening Enforce security configuration baselines for servers, network & security devices, databases, endpoints, and cloud resources. Review and update baseline configurations periodically. Security Compliance and Audit Support Support security-related audits and regulatory activities. Prepare documentation and evidence to demonstrate compliance with RMiT and internal policies. Assist in drafting and updating security SOPs and guidelines. Manage the development and implementation of IT security SOP, standards, guidelines and procedures to ensure on-going maintenance of security. Security Awareness Supporting initiatives in promoting security best practices. To perform other duties assigned by management. Qualification Minimum a Bachelor's Degree in IT, Computer Science, Cybersecurity or equivalent. Certification Must possess relevant certification in Security domain , with preference on CompTIA Security+ , CEH , CISM and CISSP . ITIL foundation will be added advantage. Experience At least 5 years' experience in IT security infrastructure (support and operations). Key Knowledge Work experience with FSI or large security setup is preferred Understanding Window servers, database, network protocols, firewalls, IPS, DLP, NAC, VPN, HSM, API, SIEM and other security tools Knowledge of security framework like NIST CSF and industry standards, ISO27001, Zero Trust and BNM RMiT. Good understanding in encryptions and techniques Ability to analyze and interpret threat intelligence to proactively defect against cyberattacks. Understanding of IAM principles and technologies, including access controls, authentications and authorizations. Must have a good understanding of security operations and administration, including security incident handling. Exposure to Cloud security will be preferred