Security Engineer

Job Title: Security Engineer

We are seeking a talented Security Engineer with a strong background in cybersecurity, network security, and a passion for building secure systems and solutions. If you are ahead of trends and work at the forefront of cloud security, threat detection, and incident response, this role is for you.

The ideal candidate thrives in high-pressure environments, enjoys the challenge of protecting complex systems, and is passionate about safeguarding data and infrastructure. The candidate is an expert in identifying and mitigating security risks, implementing security protocols, and leveraging cutting-edge technologies to defend against cyber threats.

The candidate is expected to have strong experience with all standard security technologies (e.g., firewalls, intrusion detection/prevention systems, SIEMs), security frameworks (e.g., NIST, ISO 27001), and cloud security.

Key Job Responsibilities:

• Design, implement, and maintain security infrastructure, including firewalls, IDS/IPS, and endpoint protection solutions.

• Conduct security assessments, vulnerability scans, and penetration tests to identify and mitigate risks.

• Develop and enforce security policies, procedures, and protocols in line with industry standards and best practices.

• Monitor networks and systems for security breaches, and respond to incidents in a timely manner.

• Collaborate with development and operations teams to integrate security into the software development lifecycle (DevSecOps).

• Implement and manage identity and access management (IAM) solutions to ensure secure access to systems and data.

• Lead the effort in automating security processes and deploying security tools using Infrastructure as Code (IaC) with tools like Terraform and Ansible.

• Provide security training and awareness programs for employees to foster a culture of security within the organization.

• Stay up to date with the latest security threats, vulnerabilities, and technologies to ensure continuous improvement of the organization’s security posture.

• Participate in incident response activities, including forensic analysis and root cause investigation.

• Manage third-party security audits and certifications, ensuring compliance with regulatory requirements.

Skills and Qualifications:

• Must have a total of 5+ years of IT experience, with 3+ years in cybersecurity or a related field.

• Extensive experience with security technologies, such as firewalls, IDS/IPS, SIEM, endpoint protection, and encryption.

• Deep knowledge of cloud security (e.g., AWS, Azure, GCP) and experience securing cloud environments.

• Strong understanding of networking protocols and architectures, including TCP/IP, DNS, and VPNs.

• Proficiency in scripting and programming languages (e.g., Python, Bash) for automating security tasks.

• Experience with security frameworks and compliance standards such as NIST, ISO 27001, PCI DSS, and GDPR.

• Familiarity with DevSecOps practices and tools, including CI/CD pipelines, container security, and IaC.

• Strong problem-solving skills and the ability to think like an attacker to anticipate and counteract threats.

• Excellent verbal and written communication skills, with the ability to explain complex security concepts to both technical and non-technical audiences.

• Ability to work in a fast-paced environment and manage multiple projects simultaneously.

Preferred/Bonus Skills:

• Experience with incident response and digital forensics.

• Certification in security (e.g., CISSP, CISM, CEH, OSCP) is highly desirable.

• Experience with security operations in a hybrid or multi-cloud environment.

• Familiarity with security automation tools and frameworks (e.g., SOAR).

• Knowledge of machine learning and AI in cybersecurity is a plus.