Senior Cybersecurity Engineer

Posted:
10/16/2024, 7:15:14 AM

Location(s):
Texas, United States ⋅ Irving, Texas, United States

Experience Level(s):
Senior

Field(s):
IT & Security ⋅ Software Engineering

Summary

We are seeking a skilled Cybersecurity Engineer with a strong background in firewall management, SIEM tools, EDR, vulnerability and incident management, and cloud security posture management. The ideal candidate will play a crucial role in implementing security tools and managing day-to-day security operations to protect our organization’s assets.

Job Description

Key Responsibilities:

  • Firewall Management: Configure, monitor, and maintain firewalls to ensure network security and prevent unauthorized access.
  • Endpoint Detection and Response (EDR): Deploy and manage EDR solutions to detect, investigate, and respond to potential threats on endpoints.
  • SIEM Tool Management: Implement and manage Security Information and Event Management (SIEM) tools to aggregate and analyze security data from across the organization.
  • Vulnerability Management: Conduct regular vulnerability assessments and work with IT and DevOps teams in the remediation processes to address identified risks.
  • Threat Detection: Perform analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or unauthorized activity.
  • Incident Management: Lead incident response efforts, including detection, analysis, containment, eradication, and recovery, while documenting incidents and responses.
  • Cloud Native Application Protection Platform: Oversee the security posture of cloud environments, ensuring compliance with best practices and regulatory requirements.
  • Security Operations: Manage daily security operations, including monitoring alerts, analyzing security incidents, and providing timely responses.
  • Collaboration: Work closely with IT and DevOps teams to integrate security practices into development and operational processes.
  • Documentation and Reporting: Maintain up-to-date documentation of security processes and create regular reports for management on security operations and incidents.
  • Continuous Improvement: Stay current with the latest security trends and technologies, and recommend enhancements to improve the organization’s security posture.

Additional Job Description

Qualifications:

  • Education: University degree (equivalent to a Bachelor's degree) in Computer Science, Cybersecurity, or related field.
  • Experience: 5+ years of experience in information security, with a focus on firewalls, SIEM, EDR, vulnerability management, and incident response.
  • Certifications: Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are highly preferred.
  • Technical Skills:
    • Strong knowledge of cloud security hardening, secure network design, security solution lifecycle and SDLC.
    • Network security knowledge, including VPN, firewall, network monitoring, intrusion detection, web server security, mobile device management, and cloud security and governance.
    • Experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform.
    • Familiarity with Infrastructure as Code (e.g., Terraform) is a plus.
  • Analytical Skills:
    • Strong analytical and problem-solving skills to identify and respond to security incidents effectively.
    • Understanding of incident response processes and procedures, including familiarity with the NIST framework.
  • Communication Skills: Excellent verbal and written communication skills, with the ability to convey technical information to non-technical stakeholders.