Position Title : INF/ Security Engineer
Required Technical Skills:
- Windows and MacOS Operating systems
- Vulnerability systems
o Nmap, tcpdump, wireshark
- Cloud network security (Azure, OCI or AWS)
The Information Security Engineer is responsible for assisting in the design, implementation, and monitoring of secure network, cloud, platform, and application solutions. The position will also be responsible for performing application, host, and network threat assessments to identify, evaluate and mitigate security risks, threats, and vulnerabilities. The Information Security Engineer will work with employees across the organization to develop action plans to mitigate identified vulnerabilities and build a culture of effective information security.
- Work with technical leadership to define overall security technology, standards, and strategy
- Monitor and remediate all Security Incidents using vulnerability and security tools and scripting
- Respond to security incidents and report on incident handling and resolution
- Work with Security Tool Vendors to remediate and tune capabilities
- Monitor Data Access Management
- Monitor privileged system accounts to ensure principle of least privilege is maintained and separation of duties is adequately addressed or mitigated.
- Provide guidance and assistance with infrastructure design to ensure all security requirements.
- Participate in the incident response process ensuring that procedures are documented and rehearsed as needed.
- Assist Network Operations with developing secure system baseline configurations.
- Perform regular quality audits on new and in production systems to ensure they are maintained according to documented security policies and standards.
- Act as a Lead or Project Manager on security related technical projects.
- Check user sign ins to identify any suspicious activity
- Track and Analyse Security Metrics
- Manage Vulnerability Management tools
- Recommend and Implement Security Solutions
- Perform security scans of the network devices, systems, and applications
- Perform automated and manual application security assessments
- Work with development team to ensure secure application designs
- Ability to think strategically and evaluate options in the short, medium, and long term
- Strong planning and organizing skills including the ability to manage several work streams simultaneously
- Excellent communication skills, both in writing and verbally
- Clear decision-making ability with the facility to judge complex situations and assess when to escalate issues
- After-hours configuration changes and on-call support required
- Duties, responsibilities, and activities may be assigned or changed from time to time
- Bachelor's degree (BS or BA)
- 3+ years of experience working with enterprise Information Security technology
- Experience with security log monitoring as well as incident response.
- Experience with Windows and MacOS operating systems
- Proficient in Microsoft Office application such as Microsoft Outlook, Word, Excel, PowerPoint, and SharePoint
- Flexibility to travel when required.
- Ability to manage multiple priorities as well as flexibility to adapt to change with new systems and methods while working in a team environment
- Thinks outside of the box
- Work with people effectively
- Experience with Vulnerability management systems
- Experience with tools such as vulnerability scanners, nmap, tcpdump, wireshark, etc
- Experience creating network security diagrams and documentation
- Expertise with cloud network security (Azure, OCI, AWS)
- Experience with application security audits and automation
- Security Certifications