Senior Cybersecurity Engineer

Overview

On Site
Hybrid
BASED ON EXPERIENCE
Contract - W2
Contract - Independent

Skills

INTRUSION
CYBER KILL
MITRE
SIEM
ENDPOINT
CISSP

Job Details

The Senior Cybersecurity Engineer is part of the Security Engineering team within the Cyber Resilience function. With hands-on experience with security tools and frameworks, and a strong understanding of server, network, and system security, the Engineer is passionate about preventing and mitigating cyber threats.

The Cybersecurity Engineer provides technical expertise on both large and small-scale projects to improve and enhance the cyber security posture, including the global infrastructure environment. The engineer makes operational changes working collaboratively with both IT and other security teams to improve security posture, while ensuring zero operational impact.

The Engineer is involved in product selection and collaborates with the Security Architecture function on selecting new security tools. The Engineer also tests, implements and supports these tools, leveraging knowledge and experience of the enterprise environment.

The Cybersecurity Engineer takes a leadership position in ensuring that security tools are fully documented, managed consistently and to high standards of operational excellence. The Cybersecurity Engineer also assists in troubleshooting and root cause analysis of complex security incidents.

Responsibilities:

  • Maintain and improve the security posture of the global environment and project changes as part of the formal change management process.
  • Provide technical expertise as a Senior Cybersecurity Engineer, participate in the formulation of security engineering best practices, assess security configurations, and document security processes and procedures.
  • Work closely with Cyber Defense analysts to identify and address cyber-security issues across environments. Formulate systems and methodologies, respond to security-related events, and assist in remediation efforts.
  • Support the full security project delivery life cycle as the Security Engineering subject matter expert and lead engineer, including identifying and implementing security requirements.
  • Plan, implement, manage, document, monitor, and upgrade security measures for the protection of information systems and networks.
  • Interact with vendors, researchers, and other third parties to escalate security issues, perform vendor selection, and implement Proof of Concepts.
  • Be actively involved in all stages of planning initiatives.
  • Automate common tasks and processes.
  • Implement and contribute to best practice security and set standards.
  • Design workflows and document processes.
  • Demonstrate the ability to troubleshoot and resolve complex issues.

Requirements:
  • Cybersecurity related Bachelor's degree or related field.
  • Minimum 10 years of experience in a cybersecurity engineering role.
  • Preference will be given to candidates who also have additional technical, security vendor or cyber-risk certifications such as CISSP, CompTIA Security+, GSEC, GCIH, CCSP, Microsoft SC-200, CISSP-ISSMP, CTIA, OSCP.
  • Proven experience with security technologies such as Firewalls, SIEM platforms, Endpoint Detection & Response, DLP, WAF and Privilege Access Management.
  • Familiarity with secure architecture principles, zero trust and cloud security principles and settings.
  • Good understanding of Security frameworks NIST CSF, ISO 27001, CIS controls, MITRE ATT&CK.
  • Good skills with manipulating large data sets and generating meaningful actionable deductions from reporting outputs.
  • Possesses a growth mindset and is able to learn quickly to resolve technical security issues.
  • Demonstrates an ability to review security technical assessment reports and recommend and implement remediation plans.
  • Demonstrates ability to manage project lifecycles including defining technical milestones and project reporting disciplines.
  • Demonstrates a detail-oriented approach and can take a structured approach to procedures and working instructions.
  • Works and maintains a calm structured mindset even when under pressure.
  • Possesses an aptitude for understanding and analyzing data when troubleshooting.
  • Possesses strong written communication, critical thinking, and analysis skills, including the ability to present potential risks and actual findings to a wide audience. Ability to communicate complex problems to a non-technical audience.
  • Possesses a working understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, AI Security risks, Cyber Kill Chain, and attack stages.
  • Possesses an analytical mindset, capable of digesting a wide range of information and making practical judgements based on available data and context.
  • Solid experience with security tools and technologies, including SIEM, intrusion detection systems, EDR, XDR, log analysis, malware analysis and DLP controls.
  • Experience of Windows OS from Server 2012 to Server 2022 and Windows 10 to 11 as well as Hyper V and/or VMware solutions.
  • Knowledge of typical enterprise technologies: On-premise and cloud-based Windows and Linux operating systems (OS), Microsoft Azure, Managed Active Directory / Group Policy, InTune, M365, and Microsoft security technologies as well as the ability to make changes to improve security posture on these systems.
  • Demonstrated ability to troubleshoot AD, perform policy rollouts and reporting.
  • Demonstrates a working and genuine interest and talent in Cyber Security.
  • Possesses a curious and creative growth mindset.

About Stratus Technology Services, LLC