As a Senior IT Security Engineer, you will be providing your expertise to our Cybersecurity Team, dedicated to safeguarding Polpharma Biologics from cyber threats. You will take charge of designing and implementing robust security architectures, responding to security incidents, and supporting SOC operations, including SIEM and EDR solutions.

Bringing your Cybersecurity expertise, you will contribute to the development of the organization’s security roadmap, enhance security operations, and play a pivotal role in the continuous evolution of our cybersecurity posture.

Your responsibilities include, but are not limited to:

• Oversee and manage tools and services such as Microsoft Sentinel, Microsoft Defender, and CrowdStrike;

• Advance and expand the Security Monitoring Tool stack, including SIEM, APT, and EDR/XDR solutions, with a focus on cloud security, particularly in Azure;
• Deploy and manage cybersecurity systems like vulnerability management tools and Network Detection and Response (NDR) systems. Conduct technical analysis of alerts, logs, and other security indicators, escalating incidents as necessary;
• Implement, manage, and operate security technologies to identify, address, and resolve security threats, vulnerabilities, incidents, and events effectively;
• Assist with incident response analysis and support SOC operations, collaborating with the Security Operations Center (SOC) and IT teams;
• Coordinate and verify remediation efforts following audits, ensuring compliance with recommended actions;
• Provide expertise in projects as a Subject Matter Expert (SME) in information security. Analyze proposed solutions, processes, and infrastructure, recommending appropriate security controls;
• Collaborate with cross-functional teams to design and maintain a secure IT/OT network architecture;
• Contribute to the creation, enhancement, and maintenance of information security policies, standards, and procedures to support organizational goals.

If you have:

• Professional Experience:

  • A minimum of 5 years of experience in securing ICT infrastructure;
  • A minimum of 10 years of professional experience in IT.

• Technical Expertise:
  • Strong understanding of the Microsoft 365 platform, including endpoint security, compliance, identity management services, and architectural planning in hybrid environments (on-premises and Azure Microsoft 365 tenant);
  • Hands-on experience with Microsoft 365 Defender and ADFS;
  • Proven knowledge and experience with security technology platforms such as SIEM, AV, EDR/XDR, and DLP solutions;
  • Solid practical knowledge of ICT cybersecurity in network technologies and Windows/Linux;
  • Familiarity with tools and systems like AV, FW, IDS/IPS, APT, SIEM, DLP, and AntiSpam, and expertise in their implementation, administration, and maintenance;
  • Knowledge of attack techniques on ICT infrastructures and awareness of current threats and security trends;
  • Experience with security detecting tools and operational activities related to infrastructure security monitoring.

• OT Security Knowledge:
  • Practical experience and understanding of cybersecurity in Operational Technology (OT) environments, including industrial control systems (ICS) and SCADA.

• Soft Skills:
  • Fluent in English, with excellent communication skills;
  • Strong interpersonal skills, openness to collaboration, and the ability to build and maintain positive relationships.

• Education & Certifications:
  • Higher education in IT, Information Security, or a related field (preferred);
  • Professional certifications such as CISSP, OSCP, CEH, or similar are a plus..

What we offer:

• Competitive remuneration corresponding with your experience and value added;

• The opportunity to make a tangible impact on building cutting-edge security solutions within a state-of-the-art organization;

• Collaboration and mentorship with experienced professionals, including daily one-on-one interactions with your 師範 (mentor) and the security team;

• A challenging yet rewarding role that values creativity, innovation, and contribution to a secure digital future,