Information Security Engineer

2 Months ago • All levels

Cyber Security

Job Description

We are seeking a Security Engineer to strengthen our cybersecurity team. This role involves implementing, configuring, and maintaining security solutions while providing technical security guidance across the organization. The ideal candidate will have experience securing internal products, third-party applications, cloud environments, virtualization stacks, and containerized workloads. Responsibilities include conducting security assessments, reviewing code for vulnerabilities, educating teams on security best practices, and communicating security risks effectively to both technical and non-technical audiences.

Good To Have:

Experience with SIEM, EDR/AV, DLP, IDS/IPS, WAF, IAM
Tune security monitoring solutions
Act as a security advisor
Security code reviews
Assess virtualization, containers, cloud, APIs
Mitigate OWASP Top 10 vulnerabilities
Assist in security awareness training
Train teams on secure coding
Stay updated on threats and vulnerabilities
Improve security posture
Ensure ISO 27001 compliance
Document PoCs and security tests

Must Have:

Implement and maintain security solutions
Provide technical security guidance
Secure internal products and applications
Secure cloud environments and containers
Conduct security assessments
Review code for vulnerabilities
Educate teams on security best practices
Communicate security risks

Add these skills to join the top 1% applicants for this job

cloud-security

We are looking for a Security Engineer to join our cybersecurity team and enhance our security posture. The Security Engineer will be responsible for implementing, configuring, and maintaining security solutions, as well as providing technical security guidance to various departments within the Group. The ideal candidate will have experience securing internal products, third-party applications, cloud environments, virtualization stacks, and containerized workloads. Additionally, they should be skilled in conducting security assessments, reviewing code for vulnerabilities, educating teams on security best practices, and effectively communicating security risks to both technical and non-technical stakeholders.

Responsibilities

Assist infrastructure teams in deploying, configuring, and maintaining security solutions such as SIEM, EDR/AV, DLP, IDS/IPS, WAF, IAM, and cloud security tools.
Ensure seamless integration of security tools across the company and assess third-party integrations and vendor solutions for security risks.
Tune and optimize security monitoring solutions to reduce false positives and enhance detection capabilities.
Act as a security advisor for developers, DevOps, IT, business teams, and other stakeholders, ensuring security best practices are integrated into their workflows.
Conduct security code reviews for internal applications and third-party solutions.
Perform security assessments on virtualization environments, containers, cloud platforms, APIs, and network architectures.
Identify and mitigate vulnerabilities related to OWASP Top 10, misconfigurations, insecure integrations, and emerging threats.
Work closely with engineering teams to remediate identified security risks efficiently.
Assist in developing and delivering security awareness training for employees.
Train development and infrastructure teams on secure coding practices, security automation, and vulnerability mitigation techniques.
Stay up to date with current threats, vulnerabilities, and attack techniques.
Help the company improve its security posture and ensure compliance with industry standards (ISO 27001).
Clearly communicate technical security findings to non-technical stakeholders, leadership, or regulatory bodies.
Document PoCs (Proof of Concepts) and security tests effectively.