It Security Engineer

Description:

Primary Responsibilities:

• Monitors, analyzes, and manages security alerts and events within the SOC.

• Investigates, escalates, and responds to security incidents to mitigate risks effectively.

• Performs daily security operations, including threat hunting and incident management.

• Uses tools such as SIEM, endpoint protection, and network monitoring systems to detect and prevent threats.

• Coordinates and communicates with other IT teams to resolve security issues promptly.

• Maintains and updates documentation for SOC procedures and incident response activities.

• All other duties as assigned.

Security & Risk Management Responsibilities:

• Conducts regular vulnerability scans, risk assessments, and penetration tests.

• Evaluates the effectiveness of security controls and implements improvements.

• Remediates identified security deficiencies and vulnerabilities.

• Monitors compliance with security policies and procedures to ensure adherence to regulatory requirements.

• Participates in security audits and reviews, providing actionable insights for risk reduction.

• Collaborates with stakeholders to implement risk mitigation strategies and security enhancements.

Security Operations:

• Develops and maintains security monitoring and alerting processes for critical systems.

• Investigates and analyzes security incidents to determine root causes and impacts.

• Implements automated workflows for efficient threat detection and response.

• Stays updated on emerging threats, vulnerabilities, and best practices.

• Prepares and delivers regular security reports and metrics to leadership.

• Participates in 24/7 on-call rotations to support the organization’s security operations.

Required Skills and Education

• Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.

• Cybersecurity Expertise: Strong understanding of security principles, incident response, and risk management frameworks (e.g., NIST, ISO 27001).

• Incident Response Experience: Proven ability to investigate and respond to security incidents and breaches.

• Technical Knowledge: Proficiency in SIEM tools, firewalls, endpoint protection, and network monitoring solutions.

• Risk Assessment: Experience conducting and analyzing vulnerability assessments and penetration tests.

• Automation Skills: Familiarity with automating security processes and workflows.

• Networking: Solid understanding of network protocols, configurations, and security controls.

• Communication: Strong written and verbal communication skills, with the ability to prepare detailed incident reports.

• Certifications (Preferred): Relevant certifications such as CompTIA Security+, CISSP, CEH, or equivalent.

• On-Call Availability: Willingness to participate in a weekly on-call rotation for 24/7 support.

Additional Requirements:

• Ability to work in a high-pressure environment and handle multiple tasks simultaneously.

• Strong problem-solving and analytical skills.

• Commitment to continuous learning and staying updated on industry trends.