Senior Cyber Security Engineer

Job Summary:

We are seeking a highly skilled and experienced Senior Cyber Security Engineer to lead advanced security engineering efforts across our enterprise. This role involves designing, implementing, and maintaining secure infrastructure, detecting and responding to security incidents, and ensuring compliance with security policies, standards, and frameworks. The ideal candidate will have strong technical depth in network, application, cloud, and endpoint security, along with the ability to lead security initiatives and mentor junior team members.

Key Responsibilities:

🔐 Security Architecture & Implementation

Design and implement enterprise-wide security solutions (e.g., firewalls, IDS/IPS, SIEM, DLP, endpoint protection).

Work closely with IT and DevOps teams to ensure security is embedded across infrastructure and applications.

Review and enhance security configurations of networks, systems, and cloud environments (AWS, Azure, GCP).

🛡️ Threat Detection & Incident Response

Lead investigations of security incidents, root cause analysis, and remediation planning.

Monitor and analyze logs, alerts, and vulnerabilities using tools like Splunk, Sentinel, QRadar, etc.

Develop incident response plans and participate in tabletop and red team/blue team exercises.

📜 Compliance & Risk Management

Ensure compliance with regulatory frameworks such as NIST, ISO 27001, HIPAA, PCI-DSS, GDPR, or FedRAMP.

Conduct regular risk assessments and vulnerability scans using tools like Nessus, Qualys, or OpenVAS.

Collaborate with audit and compliance teams on security control testing and reporting.

🛠️ Security Engineering & Automation

Automate security tasks and workflows using scripting (Python, PowerShell, Bash).

Integrate security tools and APIs with existing systems and CI/CD pipelines (DevSecOps).

Develop and maintain documentation for systems, processes, and policies.

🧠 Mentorship & Leadership

Provide technical guidance and mentorship to junior engineers and security analysts.

Stay current with the threat landscape and share knowledge across teams.

Recommend and implement improvements in security posture, policies, and tools.

Required Qualifications:

Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field.

5–8 years of experience in cybersecurity engineering, SOC operations, or IT security roles.

Proficiency in tools and technologies such as: SIEM: Splunk, ELK, Sentinel Endpoint & Network Security: CrowdStrike, Palo Alto, Cisco, Fortinet Cloud Security: AWS/GCP/Azure security tools, CSPM, IAM Vulnerability Management: Nessus, Qualys, Rapid7 DevSecOps: GitLab CI, Jenkins, Terraform, Kubernetes security

Strong knowledge of network protocols, secure coding practices, encryption, and threat modeling.

Preferred Certifications (any of the following):

CISSP – Certified Information Systems Security Professional

CEH – Certified Ethical Hacker

OSCP – Offensive Security Certified Professional

CISM, Security+, GCIA, GCIH, CCSP, or vendor-specific cloud security certifications