Security Engineer

​

We present an exciting opportunity to join a prominent organization in the financial services sector. They actively seek an experienced Security Operations Engineer to ensure the company's adherence to security standards.

Responsibilities:

• Collaborate with technology and business teams to implement security processes, technologies, and controls, serving as the authority for security-related inquiries.

• Define, design, implement, and maintain security solutions tailored to the business's requirements.

• Support the definition, execution, and continuous improvement of key cybersecurity processes, including vulnerability and patch management, security incident response, monitoring, endpoint security, identity and access management, network security, and cryptography.

• Assist in developing and maintaining security policies, processes, incident response management plans, and playbooks.

• Create and document standard operating procedures and protocols.

• Provide expertise on security requirements for core technology processes, such as asset management, change management, third-party management, technology development and acquisition, configuration management, etc.

• Contribute as a team member in projects and change initiatives aimed at enhancing enterprise security capabilities, such as identity and access management, log aggregation, etc.

Required experience:

• Minimum of 3 years of experience in a Security Engineer/Analyst role, focusing on designing, implementing security solutions, and managing security infrastructure.

• Previous experience in a financial services environment with a working understanding of relevant regulations.

• Experience and in-depth technical knowledge of deploying, maintaining, and configuring various security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.).

• Knowledge of TCP/IP and related network protocols, including standard protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN, etc., and proficiency in accompanying protocol/packet analysis/manipulation tools.

• Understanding of key operating systems and network appliances, with the ability to assess their security posture based on their configuration and deployment.

• Experience in effectively collaborating with stakeholders from diverse technology and business teams.

• Strong verbal and written communication skills.

Desirable experience:

• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM).

• In-depth knowledge of Operating System security and system hardening concepts, such as CIS Benchmarks.

• Experience in working with information security frameworks and regulatory requirements, including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials.

• Experience in general IT audit processes and conducting risk assessments.