Information Security Engineer

About the Role

We are seeking a highly skilled and motivated Information Security Engineer to join our global security team. The ideal candidate will have hands-on experience with security tools and the ability to engineer solutions to mitigate risks. In this role you will be primarily responsible for designing, implementing, and maintaining robust security infrastructure to protect the organization's assets along with some operational responsibilities like monitoring of systems, responding to incidents, and ensuring compliance with security policies and standards.

Security Infrastructure Design & Implementation:

• Design, implement, and maintain security tools and solutions, including endpoint detection and response (EDR) systems, vulnerability management tools, email security, web proxies, PAM platforms, ZTNA solutions and firewalls.
• Engineer secure network architectures and ensure alignment with organisational policies and industry standards.

Security Tool Administration:

• Manage and optimise existing and new security tools.
• Regularly review and fine-tune configurations to maximise efficacy.

Firewall & Network Security:

• Conduct regular firewall and network assessments to ensure the network is secure and resilient to potential attacks.

Endpoint Protection & EDR Solutions:

• Deploy, configure, and maintain EDR solutions.
• Ensure robust protection of endpoint devices against malware and unauthorised access.

Vulnerability Management & Patch Management:

• Deploy vulnerability management solutions and scanners.
• Perform vulnerability assessments using vulnerability scanning tools to coordinate remediation efforts.
• Manage patch management processes to ensure systems are updated and secure.

Identity and Access Management (IAM):

• Design and implement IAM/PAM solutions to ensure proper access control and compliance with organisational policies.
• Continuously monitor and address access-related risks.

Log Analysis & Forensics:

• Assist with log analysis and forensic investigations to identify root causes of security incidents.
• Ensure effective integration of logging mechanisms across systems and tools.

Incident Response & Threat Management:

• Collaborate and enhance incident response capabilities, ensuring timely detection and mitigation of threats.
• Collaborate with the outsourced security operations team to analyse, investigate, and resolve incidents.

Compliance and Regulatory Alignment:

• Ensure the security infrastructure meets the requirements of frameworks like ISO 27001 and NIST.
• Stay informed about regulatory changes and adapt systems accordingly to ensure compliance.

Documentation and Knowledge Sharing:

• Maintain detailed documentation for all security tools, configurations, and processes.
• Provide guidance and training to IT and security teams on the secure use of systems and tools.

Qualifications Required

Education:

• Bachelor's degree in information security, Computer Science, or a related field.
• Relevant certifications such as CISSP, CEH, CISM, or CompTIA Security+ are a plus.

Experience:

• 5+ years of experience in cybersecurity, IT security, or related roles.
• Hands-on experience with SIEM tools, network security, endpoint security solutions, email security, vulnerability scanners, web proxies, PAM platforms, ZTNA solutions and firewalls.

Skills:

• Strong understanding of network security, incident response, vulnerability management, security engineering and regulatory compliance.
• Proficiency in using industry standard security tools.
• Knowledge of cloud platforms (AWS and Azure) and their security services.
• Knowledge of compliance frameworks like ISO 27001 and NIST.
• Excellent problem-solving and analytical skills.
• Effective communication skills

How to apply

If you meet the above requirements and are keen to take up these challenges, you are invited to send us your detailed resume using the link below.

Only shortlisted candidates will be notified.