Senior Information Security Engineer

Job Description

• Develop and carry out information security plans and policies.
• Develop strategies to respond to and recover from a security breach.
• Develop or implement open source/third-party tools to assist in detection, prevention, and analysis of security threats.
• Awareness training of the workforce on information security standards, policies, and best practices
• Implement protections.
• Installation and use of firewalls, data encryption and other security products and procedures.
• Conduct periodic network scans to find any vulnerability.
• Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses.
• Monitor networks and systems for security breaches, using software that detects intrusions and anomalous system behavior.
• Investigate security breaches.
• Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened.

Job Requirements

• Bachelor’s degree in communication/computer engineering
• 3-5 years of experience in a same role.

Technical requirements

• Experience with information security risk management tools and methodologies.
• Experience with data privacy/security international regulations.
• Experience with ISO 27000 series of standards.
• Knowledge of NIST/CIS standards and guidelines.
• Experience with the endpoint security solutions, IDS, NGFW, WAF, and SIEM solutions.
• Experience in system administration (Windows/Linux)
• Experience designing secure networks and systems.
• Experience with vulnerability assessment solutions.
• Knowledge of Web/Mobile application pen-testing.
• Knowledge of OWASP Top Ten.
• CEH, ECSA, GIAC certifications or any security vendor certifications would be preferred.