Cyber Security Infrastructure and Identity Engineer (Bangkok based, relocation provided)
  • South Africa Cape Town
  • Agoda
1 year before
31.12.2023
Securely Provision
Systems Architecture
Job Description

About Agoda

Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with more than 2.5 million accommodations globally. Based in Asia and part of Booking Holdings, our 6,000+ employees representing 90+ nationalities foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.

Get to Know our Team:

The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment.

The Opportunity:

You will be working in a fast-paced Security engineering and operations environment where you will design, setup, configure and maintain the latest security tools, hands on. In addition, we are designing managing and implementing the Company’s IDP and IAM solutions.

In this Role, you will get to:

• Own, design, execute the company’s approach to identity management
• Play a lead role in developing and building the security infrastructure of the company
• Explore, enhance, and make the most of the organization’s security tools to make sure they are working and configured properly
• Make your mark by bringing in new, innovative technologies for POC and implementations
• Work with other SMEs at Agoda for driving the optimal use of our tools, thereby gaining insights on other areas of interest
• Work closely with our cutting-edge IR team
• Enable automated security process for detect and response

What you’ll Need to Succeed:

• Strong experience with Okta or similar as an admin
• Familiar with the hub and spoke / mesh model if it’s Okta
• 4+ years in cyber security/information security field or relevant experience.;
• Strong expertise with cloud environments (AWS / Google Cloud / Azure);
• Strong experience with Microsoft Security solutions, Intune MDE Azure Proxy etc
• Strong foundations in software engineering concepts
• Experience or working knowledge of modern development, test, and deployment models
• Proficient in one or more programming languages such as Python, Go, Node.js, etc
• Strong background in IDP / IAM maintenance setup and operations
• Ability to articulate complex issues to executives, product owners, and other Infrastructure teams
• Strong knowledge in networking, operating systems, configuration management tools and automation tools like Ansible Puppet Rundeck and the likes
• Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences

#sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #dusseldorf #dortmund #essen #Bremen #leipzig #dresden #hanover #nuremberg #athens #hongkong #budapest #jakarta #bali #dublin #telaviv #jerusalem #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #yokohama #nagoya #okinawa #fukuoka #sapporo #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #bucharest #doha #alrayyan #moscow #saintpetersburg #riyadh #jeddah #mecca #medina #singapore #capetown #johannesburg #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #dubai #abudhabi #sharjah #london #manchester #liverpool #edinburgh #kiev #hcmc #hanoi #amsterdam #bucharest #lodz #wroclaw #poznan #katowice #rio #salvador #bandung #yokohama #nagoya #okinawa #fukuoka #newdelhi #Pune #Hyderabad #Bangalore #Mumbai #Bengaluru #Chennai #Kolkata #Lucknow #IT #4

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy .

To all recruitment agencies: Agoda does not accept third party resumes. Please do not send resumes to our jobs alias, Agoda employees or any other organization location. Agoda is not responsible for any fees related to unsolicited resumes.


Quick response

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0027   Knowledge of organization's enterprise information security architecture.
  • K0060   Knowledge of operating systems.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0299   Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0487   Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0516   Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0010   Knowledge of communication methods, principles, and concepts that support the network infrastructure.
  • K0011   Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
  • K0374   WITHDRAWN: Knowledge of basic structure, architecture, and design of modern digital and telephony networks. (See K0599)
  • K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Required Skills
  • S0005   Skill in applying and incorporating information technologies into proposed solutions.
  • S0060   Skill in writing code in a currently supported programming language (e.g., Java, C++).
  • S0168   Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks.
  • S0170   Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).

Required Abilities
  • A0038  Ability to optimize systems to meet enterprise performance requirements.
  • A0060  Ability to build architectures and frameworks.
  • A0172  Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).