IT Security Engineer

Position Overview:

The IT Security Engineer will be responsible for implementing, managing, integrating and maintaining security systems across the organization’s IT landscape. The role includes 
translating policies and standards into procedures and controls, collaborating with internal stakeholders such as IT, Product Security, and Data Centers, and performing preventive actions and rapid response to security incidents.

Key Responsibilities:

1. Security Systems

• Implement security architectures and controls.
• Maintain and manage security systems such as:
  XDR (Extended Detection & Response), SWG (Secure Web Gateway), DLP (Data Leakage Prevention), Email Security, Network security (Firewalls, NAC), IAM (Identity & Access Management), CASB (Cloud Access Security Broker), PAM (Privileged Access Management), EPM (Endpoint Privilege Management), BAS (Breach & Attack Simulation), Vulnerability Scanners, Training & Awareness, SIEM (Security Information & Event Management), SOAR (Security Orchestration, Automation & Response), Password Manager, Threat Intelligence, Patch Management, TPRM (Third-Party Risk Management), EASM (External Attack Surface Management).
  
  

Collaborate with teams

• Develop and implement security for IT systems, applications, and networks.
• Integrate security into the design and development of new and existing systems.
• Provide guidance on secure configurations and designs.
• Identify and remediate vulnerabilities and misconfigurations.
• Monitor and optimize system and processes to enhance security and comply with policies and standards.
• Lead and execute cross-organizational security projects and initiatives.

Technological Documentation

• Write technical documents such as:
  HLD (High Level Design), LLD (Low Level Design), system documentation, procedures, guidelines, IMF (Incident Management Flow), network diagrams.
  
  

Incident Response and Recovery

• Collaborate with the Security Operations Center (SOC) and MSSP to ensure robust incident detection and response capabilities.
• Contribute to the development of incident response plans and recovery strategies.
• Participate in post-incident reviews to identify lessons learned and implement improvements.
  
  

Security Technology Evaluation

• Research and recommend new security technologies to enhance the organization's security posture.
• Oversee the implementation and integration of security tools and solutions.
• Evaluate the impact and effectiveness of security technologies in mitigating risks.
  
  

Compliance and Audit Support

• Ensure IT systems and processes comply with relevant regulatory standards (e.g., ISO 27001, NIST, GDPR).
• Support internal and external audits by providing documentation and evidence of compliance.
• Maintain detailed records of security controls and activities for audit purposes.

Qualifications:

Education and Certifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Relevant certifications such as CISSP, CISM, CCSP, or similar are highly desirable.

Experience:

• Minimum of 5 years of experience in IT security (System, Network, Information, Cyber), with at least 3 years in a security engineering role.
• Familiarity with securing cloud-based environments and SaaS platforms.

Skills and Knowledge:

• Fluent in English.
• Expertise in security engineering principles, relevant frameworks, and best practices.
• Strong understanding and hands-on experience with Security & IT technologies
• Excellent interpersonal and communication skills for cross-functional collaboration.