Job Description:
We are seeking a Cybersecurity Engineer / Specialist to safeguard enterprise systems, networks, and applications from evolving threats. The role combines security monitoring, engineering, and governance responsibilities to ensure a secure IT environment, compliance with standards, and effective risk management.
Responsibilities:
- Monitor SIEM alerts and investigate security incidents, suspicious activities, and breaches.
- Conduct vulnerability assessments, penetration testing, and remediation of security risks.
- Deploy, configure, and manage firewalls, IDS/IPS, endpoint protection, and encryption solutions.
- Develop and enforce information security policies, standards, and compliance frameworks (ISO, SOC2, HIPAA, PCI-DSS, GDPR, NIST).
- Manage identity and access controls (IAM solutions such as Okta, Azure AD).
- Collaborate with DevOps and IT teams to ensure secure system configurations and deployments.
- Automate security tasks, monitoring, and reporting where possible.
- Conduct risk assessments, security audits, and provide recommendations for mitigation.
- Deliver security awareness training and promote best practices across the organization.
- Document incidents, investigations, and prepare audit/compliance reports.
Skills & Tools:
- Security Monitoring & Analysis: SIEM (Splunk, QRadar), IDS/IPS, Nessus, Wireshark.
- Defensive Security Tools: Firewalls (Palo Alto, Cisco ASA, Fortinet), Endpoint Security, Encryption.
- Offensive Security Tools: Pen-testing frameworks (Metasploit, Burp Suite).
- Identity & Governance: IAM (Okta, Azure AD), GRC tools.
- Scripting & Automation: Python, Bash.