Key Information
The Cyber Security Engineer is responsible for designing, implementing, and maintaining robust security measures to protect the organization’s information systems and data from cyber threats. They will work closely with cross-functional teams to assess vulnerabilities, develop security solutions, monitor and respond to security incidents, and ensure compliance with industry standards and regulations. The Cyber Security Engineer will play a vital role in maintaining the confidentiality, integrity, and availability of the organization’s technology infrastructure.
Key Responsibilities
- Design, implement, and maintain comprehensive security measures and controls to safeguard the organization’s systems, networks, and data from unauthorized access, cyber threats, and vulnerabilities.
- Conduct regular security assessments, penetration testing, and vulnerability scanning to identify and mitigate potential risks and vulnerabilities in the organization’s infrastructure, applications, and processes.
- Collaborate with IT teams to develop and enforce security policies, standards, and guidelines in alignment with industry best practices and regulatory requirements.
- Monitor security systems, including firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection platforms, to detect and respond to security incidents in a timely manner.
- Investigate and analyze security incidents, perform root cause analysis, and recommend appropriate remediation actions to prevent future occurrences.
- Manage and maintain security infrastructure, including security information and event management (SIEM) systems, log management solutions, and security-related tools.
- Implement and manage identity and access management (IAM) solutions, ensuring appropriate user access controls, authentication mechanisms, and privilege management.
- Collaborate with development and operations teams to integrate security controls and best practices into the software development lifecycle (SDLC) and DevOps processes.
- Stay up-to-date with the latest security technologies, trends, and threats, and provide recommendations for the adoption of new security solutions and enhancements to existing systems.
10. Conduct security awareness training and education programs to promote a security-conscious culture among employees and stakeholders.
Qualifications and Skills
- Bachelor’s degree in computer science, information security, or a related field. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable.
- Proven experience as a Cyber Security Engineer or similar role, with in-depth knowledge of information security concepts, technologies, and best practices.
- Strong understanding of networking protocols, operating systems, databases, and web applications, along with their associated security vulnerabilities and countermeasures.
- Familiarity with security frameworks and standards, such as NIST, ISO 27001, and PCI DSS.
- Experience with security technologies and tools, including firewalls, intrusion detection/prevention systems, SIEM, vulnerability scanners, and endpoint protection solutions.
- Proficiency in scripting and programming languages (e.g., Python, PowerShell, or Bash) to automate security tasks and analyze security-related data.
- Knowledge of cloud security concepts and technologies, particularly in platforms like AWS, Azure, or Google Cloud Platform.
- Strong analytical and problem-solving skills, with the ability to assess complex security issues, prioritize tasks, and provide effective solutions.
- Excellent communication and interpersonal skills, with the ability to collaborate with cross-functional teams, present security concepts to technical and non-technical stakeholders, and facilitate security discussions.
- Ability to work independently, handle multiple projects simultaneously, and adapt to a fast-paced and dynamic environment.