Senior Information Security Engineer

Taipei / KKCompany - Engineering / Permanent

Asia’s leading technology group, KKCompany Technologies （KKCompany）, is a leader in software services. Our mission is to build “Freeways to Inspiration” and help industries achieve digital transformation. By creating technology highways with partners, we deliver our services around the world and drive value creation through future technology.

In addition to our flagship brands KKBOX, KKStream, and Going Cloud, our core technologies cover various fields such as music streaming, multimedia, and cloud services. Through a range of products and services, we help customers create commercial value. We also offer software services and solutions to over tens of millions of customers with corporate clients across Asia covering various industries such as telecommunications, entertainment and multimedia, media, education, and fitness centers.

We have over 500 employees across offices in Tokyo, Singapore, Taipei, Kaohsiung, and Hong Kong.

Responsibilities:

Security issue management

Discover security vulnerabilities

Conduct regular security assessments

Internal security education training program

Integrate security tools with CI/CD pipelines

Design security related policies and guidelines

Design or review security related workflow and SOP

Review digital infrastructure and information systems

Cooperate with IT and service operation team to secure our services

Analyze, assess, and respond to various information security incidents and risks

Design countermeasures, mitigations, and containment of information security incidents

Requirements:

Excellent communication skills

Excellent English reading and good English writing

Familiarity with one BSD or GNU/Linux OS distributions

Knowledge and skills of penetration testing tools or vulnerability scanner

Knowledge of CDN, DNS, HTTP, VPN, TCP/IP, TLS, OSI model and REST API

Experience in cloud computing

Experience in using container technology like: Docker

Experience in using version control system like: Git

Experience in software development or system administration

Experience with an interpreted language (PHP , Python, Ruby, or Shell Script)

Familiarity with issue tracking / project management tools like: GitLab, Trac or Jira

B.S or M.S degree in Computer Science, Security related field, or equivalent practical experience

Nice to have:

Ability to interpret basic SQL queries

Ability to discuss, explain and summarize complex, technical topics

Contributions to the security or open source community

Experience in IT or IT security

Experience in monitoring and alerting tools

Experience in Privileged Account Management

Experience in MDM solutions like Microsoft Intune or Jamf

Experience in network management, firewall, IDS/IPS or SIEM

Experience in OpenLDAP, Microsoft AD or Azure AD management

Experience in using various open source tools and technologies to solve problems

Familiarity with secure coding practices

Familiarity with OWASP top ten web application security risks

CCSP, CISSP, CHFI, CND, CEH, CEH Practical or OSCP certification

Knowledge and skills of SAST, DAST tools

Knowledge about security frameworks like ISO 27000 series, PCI-DSS, NIST CSF

Apply Now

Senior Information Security Engineer

Responsibilities:

Requirements:

Nice to have:

Frontend Engineer

Corporate Governance Manager

Business System Analyst

Administration Specialist

Senior Research Engineer

Management Associate (Tomorrow Lab Program)

Procurement Specialist

Site Reliability Engineer

Senior Legal Specialist

Open Source Officer

ERP Implementer

Full Stack Python Developer

Legal Specialist

Senior Information Security Specialist

IT Senior Manager

PR Project Manager