IT Security Engineer

Department: Information Technology
Employment Type: Full Time Contract
REF ID: #198

The IT Security Engineer is responsible for providing effective management and technical direction over the organization-wide vulnerability and threat management program across all network, endpoint and server infrastructure. This covers security monitoring operations (including SIEM monitoring), threat analysis, vulnerability assessments and penetration testing. The position also works closely with other functions at the Group level to support the security monitoring program as well as the incident response and recovery capability.

Role and Responsibilities:

  • Implement detection, prevention, and recovery controls to protect against malicious and mobile code
  • Establish and maintain malware protection arrangements throughout the organization
  • Implement technical vulnerability management in an effective, systematic, and repeatable way, with measurements taken to confirm its effectiveness
  • Provide first responder forensics analysis and investigation, drives containment strategy during data loss or breach events
  • Triage and resolve advanced attacks such as botnets and advanced persistent threats (APTs)
  • Works directly with data asset owners and business response plan owners during high severity incidents
  • Assess applications for vulnerabilities both periodically and before they are deployed to the live environment
  • Maintain and keep up to date the threat and vulnerability database so that environmental threats are captured and tracked
  • Make timely information about technical vulnerabilities in information systems available so that exposure can be evaluated and countermeasures taken to address the associated risk
  • Tune security tool policies based on threat feeds, incidents, or vulnerabilities and exploits affecting downstream systems
  • Provide tuning recommendations to administrators based on findings from investigations or threat information reviews
  • Monitor industry trends to ensure that solutions are in line with industry best practices.
  • Create documentation and SOPs for all builds and deployed solutions
  • Provide afterhours support as needed for critical systems
  • Automate tasks where possible
  • Analyze and solve problems
  • Assist with other duties as directed by management and achieve goals set in alignment with organizational goals
  • Provide timely status updates for task assignments to team leads and IT Management.

Experience and Skills:

  • Minimum of 7 years of proven experience in AV, EDR, endpoint security, vulnerability management, and threat management
  • Incident response, triage, and threat mitigation tactics
  • Knowledge of security frameworks, best practices, and tooling, including ISO 27001, OWASP (e.g. OWASP ZAP)
  • Able to take the actions necessary to protect the organization from an ongoing or imminent existential cyber threat
  • Knowledge of all aspects of vulnerability management, including network vulnerability assessment and web application testing
  • Strong understanding of RADIUS, PKI and certificates, IKE, IPsec, L2TP, firewalls, 802.1Q, SSH, SSL/TLS, and the MD5, SHA-1, DES and 3DES algorithms
  • Proven experience with Office 365 and the Microsoft 365 security suite (Microsoft Defender ATP, now Microsoft Defender for Endpoint)
  • Extensive experience in administration and implementation of Security services in Azure using native cloud tools
  • Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products.
  • Experience with Security Information and Event Management (SIEM) tools: creating advanced correlation rules, SIEM administration, system hardening, and vulnerability assessments
  • Should have expertise on TCP/IP network traffic and event log analysis.
  • Knowledge and hands-on experience with LogRhythm, RSA SIEM Analytics, McAfee ePO, Microsoft Sentinel, or any other SIEM tool
  • Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
  • Mandatory experience configuring and troubleshooting Fortinet, Cisco, and Palo Alto firewalls
  • Develop monthly reports for key stakeholders
  • Create, review and update documentation
  • Strong work ethic, self-motivation, and good organization
  • An empathetic approach to customer service
  • Coaches team members; a team player

Qualifications and Certifications:

  • A Bachelor's degree in Computer Science or a relevant discipline
  • CCNP, CISA, CISSP, CompTIA Security+, CEH
  • Microsoft Azure Security Engineer Associate highly desirable
  • Fortinet Network Security Certifications will be an added advantage
OR