Security Engineer

Job Description

Job Description

Salary : no

JOB DESCRIPTION FOR SECURITY ENGINEER

We are seeking an experienced Security Engineer to join our growing team. In this role, you will be responsible for designing, implementing, and maintaining security measures to protect the organizations infrastructure, applications, and data. The ideal candidate will have a deep understanding of security protocols, threat modeling, penetration testing and vulnerability assessments, and will play a critical role in ensuring the organizations cybersecurity posture is robust and aligned with industry standards.

Key Responsibilities :

• Security Architecture & Implementation :

Design and implement security solutions to protect company networks, systems, and applications from cyber threats.

Monitor, configure, and manage firewalls, intrusion detection / prevention systems (IDS / IPS), and other security tools.

Design, build, configure, maintain and monitor cybersecurity threat defense capabilities and user access management systems.

Collaborate with Dev and DevOps teams to integrate security practices into the development and deployment of systems and applications.

Collaborate and assist in training QA staff to enhance security implementation in testing.

Threat Detection & Incident Response :

Proactively monitor security alerts, investigate potential threats, and respond to security incidents in a timely manner.

Develop and maintain incident response protocols to handle potential breaches, ensuring minimal impact to operations.

Conduct post-incident reviews, documenting lessons learned and implementing remediation actions.

Vulnerability Management :

Perform regular vulnerability assessments and penetration tests to identify weaknesses in the infrastructure and applications.

Collaborate with the dev team to remediate vulnerabilities identified from client penetration tests in a timely manner.

Prioritize, document, and track the remediation of identified vulnerabilities, ensuring compliance with security policies and standards.

Work with system administrators and developers to implement patches and resolve vulnerabilities.

Develop and implement strategies to mitigate vulnerabilities.

Security Monitoring & Reporting :

Set up and maintain security monitoring systems (SIEM) to track network activity, detect potential threats, and generate security reports.

Analyze security logs and data for unusual behavior, escalating critical issues when necessary.

Prepare and present reports on the organizations security posture, providing insights and recommendations to senior management.

Compliance & Governance :

Ensure that all security measures comply with relevant regulatory requirements (e.g., GDPR, SOC 2, etc)

Support internal and external audits by providing evidence of security controls and remediation actions.

Qualifications :

Education :

Bachelors degree in Computer Science, Information Security, or a related field.

Relevant security certifications (e.g., CISSP, CEH, CISM, or CompTIA Security+) are a plus.

Experience :

3+ years of experience in cybersecurity or IT security engineering roles.

Proven experience with security technologies such as firewalls, IDS / IPS, VPN, SIEM, and endpoint protection.

Hands-on experience with vulnerability scanning and penetration testing tools (e.g., Nessus, Metasploit, Burpsuite, etc.).

Skills :

Strong understanding of networking protocols, operating systems (Linux, Windows), and cybersecurity principles.

Familiarity with cloud security practices (AWS, Azure, or GCP) and securing cloud-based infrastructures.

Knowledge of encryption technologies, PKI, and identity / access management (IAM) solutions.

Familiarity in securing Kubernetes and Blue / Green environments.

Proficiency in networking technologies, network security and network monitoring solutions.

Excellent problem-solving skills with a focus on security incident resolution.

Strong communication and collaboration skills, with the ability to explain technical issues to non-technical stakeholders.

n-technical stakeholders