Ensign is hiring !

Key Responsibilities
 

1. Security Operations & Monitoring

• Monitor and analyze security alerts from SIEM, EDR, Firewall, WAF, and other security tools.

• Perform triage, investigation, and escalation of security incidents.

• Respond to incidents in accordance with established runbooks and SLA requirements.

• Conduct root cause analysis and recommend remediation actions.
   

2. Security Engineering & Implementation

• Deploy, configure, and maintain security solutions such as:

  • Firewall (e.g., Fortinet, Palo Alto, Cisco)

  • Endpoint Detection & Response (EDR)

  • SIEM platforms

  • Web Application Firewall (WAF)

  • Email security solutions

  • DLP and SWG solutions

• Support security hardening of servers, endpoints, and network devices.

• Implement security best practices based on industry standards.
   

3. Vulnerability & Risk Management

• Conduct vulnerability assessments and coordinate remediation activities.

• Review security logs and reports to identify trends and potential threats.

• Assist in risk assessments and security audits.
   

4. Documentation & Reporting

• Maintain accurate documentation of configurations, incidents, and procedures.

• Prepare incident reports and post-incident analysis documentation.

• Contribute to the development and enhancement of security runbooks and SOPs.
   

5. Client & Stakeholder Engagement (If Customer-Site Role)

• Provide technical support and advisory to clients.

• Participate in security review meetings and provide technical updates.

• Support project implementation and hypercare activities.
   

Requirements

Education

• Bachelor’s Degree in Cybersecurity, Information Technology, Computer Engineering, or related field.

Experience

• 1–4 years of experience in cybersecurity, system engineering, or SOC environment.

• Experience in security monitoring and incident response preferred.

• Exposure to security tools such as SIEM, Firewall, EDR, or WAF is advantageous.

Technical Skills

• Knowledge of network security, TCP/IP, DNS, VPN, and firewall policies.

• Familiarity with Windows and Linux administration.

• Understanding of security frameworks (e.g., NIST, ISO 27001).

• Experience with scripting (e.g., Bash, PowerShell) is a plus.