IT Security Engineer

Key Responsibilities

1. Security Strategy & Architecture

1. • Develop and refine security policies, procedures, and protocols.
   • Collaborate with IT leadership to align security initiatives with business objectives.
   • Evaluate and recommend new security technologies and solutions.

1. Threat Assessment & Incident Response

1. • Conduct risk assessments and vulnerability scans, identifying and mitigating threats.
   • Lead incident response efforts, including investigation, containment, and recovery.
   • Provide post-incident analysis and recommendations to prevent future breaches.

1. Security Operations & Monitoring

1. • Oversee day-to-day security operations, including intrusion detection/prevention systems (IDS/IPS).
   • Implement and manage security tools such as SIEM, firewalls, endpoint protection, etc.
   • Monitor system logs, network traffic, and event alerts for anomalous activity.

1. Compliance & Governance

1. • Ensure adherence to industry regulations (e.g., GDPR, HIPAA, PCI-DSS) and internal policies.
   • Develop and maintain security documentation, including standards, guidelines, and best practices.
   • Partner with internal audit teams and external assessors to maintain compliance and remediate gaps.

1. Security Awareness & Training

1. • Conduct training sessions and workshops to promote a security-conscious culture.
   • Collaborate with HR and department heads to develop ongoing security awareness programs.

1. Collaboration & Stakeholder Management

1. • Work closely with cross-functional teams (IT Operations, Development, Legal, etc.) to implement secure solutions.
   • Coordinate with external vendors and partners to ensure secure integrations and service-level agreements.

1. Hands-On Technical Expertise

1. • Participate in security configurations, deployments, and troubleshooting.
   • Conduct penetration testing (or coordinate with external teams) to evaluate and strengthen defenses.
   • Serve as an escalation point for complex security incidents and technical challenges.

1. Continuous Improvement

1. • Stay updated on emerging threats, industry trends, and regulatory changes.
   • Provide strategic recommendations to enhance security tools, processes, and policies.

Qualifications

• Education: Bachelor’s degree in Computer Science, Information Security, or equivalent skills
• Experience: 5 years in IT security roles, with demonstrable experience Technical Expertise:

• • Familiarity with on-premises and cloud environments (e.g., AWS, Azure).
  • Proficiency in security tools (firewalls, IDS/IPS, SIEM, endpoint security).
  • Hands-on experience in threat analysis, incident response, and penetration testing.

• Certifications (preferred): CISSP, CISM, CEH, OSCP, or related.
• Soft Skills:

• • Strong leadership and communication skills.
  • Ability to explain complex security concepts to non-technical audiences.
  • Excellent problem-solving, critical thinking, and analytical abilities.