Principal Security Engineer
Job Description
WHY JOIN
• As our new Principal Security Engineer, you will guide our engineering culture enabling the transformation of a high-growth company offering products our customers need during a moment that shapes the future for those they love most. Every day you’ll tackle complex challenges while partnering with engineering, infrastructure, and cloud teams to embed security into system design, Azure DevOps pipelines, and deployments across our Omega (customer platform), Phoenix (policy administration), and Salesforce CRM systems.
ABOUT FPT SOFTWARE
FPT Software, a subsidiary of FPT Group, is a leading global IT service provider headquartered in Vietnam. With 33,000+ employees in 88 offices across 30 countries, we serve 1,100+ clients, including 96 Fortune 500 companies.
We believe diversity fuels innovation and strive to create an inclusive workplace where talents of all backgrounds thrive. We welcome expatriates and international professionals to bring fresh perspectives and help shape the future of technology.
JOB OVERVIEW
• We are seeking a Principal Security Engineer to support our partnership with FPT. In this role, you will lead the design, implementation, and governance of our enterprise security architecture, with a strong emphasis on Microsoft Azure security. This is a highly strategic, hands-on role serving as our principal technical authority to protect our cloud environments, core insurance platforms (Omega & Phoenix) and customer data while enabling business growth across our UK, Canadian, and Australian markets. You will also shape enterprise security policies and governance frameworks, providing guidance to leadership on balancing innovation with risk management.
RESPONSIBILITIES
Technical Leadership
• Conduct architecture reviews, threat modeling, and design validation for critical Azure applications, including our Azure Data Factory pipelines, Azure SQL databases, Logic Apps, and Databricks implementations.
• Lead application security by defining secure coding standards, driving peer code reviews, integrating automated security testing (SAST/DAST) and supply-chain controls, and managing third-party and open-source risks through continuous vulnerability scanning, remediation, and secure SDLC practices.
• Serve as the subject-matter expert on Azure security services including Entra ID (Azure AD), Conditional Access, Defender for Cloud, Sentinel, Key Vault, Intune, and Privileged Identity Management (PIM).
• Drive adoption of zero-trust architecture, advanced authentication, and secure configuration baselines across cloud and hybrid environments supporting our insurance platforms.
Operations & Risk Management
• Contribute to business continuity and disaster recovery planning to ensure resilient operations and rapid recovery in the event of a security incident.
• Implement and optimize monitoring, logging, and detection using Microsoft Sentinel, Defender XDR, and other integrated security platforms with focus on financial services threat vectors.
• Lead proactive threat hunting initiatives to identify and contain advanced threats across environments.
• Continuously assess and actively defend against emerging cyber threats, including phishing, ransomware and other extortion-based attacks, account compromise, data exfiltration, and zero-day vulnerabilities.
• Collaborate with compliance and risk teams to ensure adherence to ISO 27001, SOC 2, GDPR, FCA (UK), and relevant Canadian/Australian financial services regulatory requirements.
• Implement controls and monitoring to detect and mitigate insider threats and misuse of privileged access.
• Oversee vulnerability management, penetration testing, and incident response for cloud and hybrid systems supporting life insurance operations across multiple jurisdictions.
Financial Services Security Focus
• Design security frameworks for multi-jurisdictional operations ensuring compliance with UK FCA, Canadian, and Australian regulatory requirements.
• Implement data loss prevention (DLP) measures to safeguard sensitive customer and financial information across jurisdictions.
• Ensure robust security controls for customer data protection across life insurance products and claim processing systems.
• Champion and instill a security-first culture by mentoring engineers, promoting secure practices, and influencing stakeholders across technology and business functions.
• Implement security measures for financial transactions, direct debits, and payment processing systems.
Job Requirements
• Deep understanding of network security, IAM, encryption, and modern authentication protocols (SAML, OAuth, OpenID Connect) within regulated industries.
• Understanding financial services regulatory requirements (FCA, GDPR, SOC 2) and their security implications.
• Proven track record leading enterprise security architecture and risk reduction initiatives at scale within financial services or similar regulated industries.
• Hands-on experience with the Microsoft security stack (Sentinel, Defender for Cloud, Defender for Endpoint, Intune) in enterprise financial services environments.
• Strong expertise in Microsoft Azure security, including identity, access, workload, and data protection with specific experience in financial services environments.
• Significant body of professional experience in cybersecurity, with the most recent tenures spent in either a staff or principal role.
Nice to have
• Experience securing insurance technology platforms, policy administration systems, or financial services applications.
• Experience with Azure Data Factory security, SQL database security in financial services, and secure integration patterns for third-party financial services.
• Certifications such as Microsoft Cybersecurity Architect Expert, Azure Security Engineer Associate (AZ-500), CISSP, CCSP, or financial services security certifications.
• Familiarity with compliance frameworks and risk methodologies (NIST CSF, MITRE ATT&CK, ISO 27001) and their application in financial services.
• Experience with Infrastructure as Code (Terraform, ARM templates, or Bicep) and DevSecOps practices within Azure DevOps environments.
• Knowledge of UK FCA regulatory requirements and multi-jurisdictional financial services compliance.
Benefits
• International, professional, dynamic, and friendly working environment and culture.
• Relocation package for seniors (HCM/HN to Da Nang): 80 – 100M.
• Be part of a team in an international world-class company and exchange knowledge with technology specialists and experts from the world’s leading companies.
• Annual Summer Vacation support from 1 Million VND to 6 Million VND and up to 3 days off work.
• Salary review according to Company Policy.
• “FPT care” health insurance, provided by INSMART and exclusive to FPT employees.
Last updated: 2025-11-05 12:45:03









