Security Engineer

Qualifications & Requirements:

Must have:

- Experience in Threat modelling

- Experience in Web application

- Experience in Cloud security

- Experience in Writing codes pertaining to security

- Experience in Devsecops

- Bachelor's degree in Computer Science, MIS or IT Security. A Master's Degree is highly desirable

- Industry certification such as Security+, CBCP, CISA, SCNP, CCNA Security, and /or CEH

- Solid understanding of security and network infrastructures - switches, routers and firewalls; TCP/IP networking theory

- Expert knowledge of container security and secrets management (Docker/Kubernetes/AKS/Service Meshes)

Role:

- The Security Engineer will, Under general supervision, performs a wide variety of duties in support of technical or administrative assignments using established procedures.

- May assist in the preparation, presentation, and follow-up of proposals with supervision.

- May also participate in activities in support of multiple projects.

- Independently performs work as assigned by Management. Employee has limited autonomy for an assigned area or responsibility within a function.

- Interacts daily with supervisor, peer groups, and customers. Interaction normally involves exchanges or presentation of factual information.

- The candidate will be part of the Information Security team responsible for Security platform engineering, Operation and audit for the company.

- Areas of focus will be a combination of day-to-day security operations and strategic architecture of the company data center and customer environment.

Responsibilities:

- Assisting software development teams in securely architecting/operating their software applications by aligning to the SE secure software development principles, industry-standard methodologies, and compliance and privacy requirements.

- Assisting and coding Security aspects if required using various open source tools.

- Build, promote and scale the best DevSecOps practice across the company globally and drive adoption of tools and practices as the teams to transform to DevSecOps.

- Always look for opportunities to optimize, automate and secure the daily workflow

- Understand the life cycle of information as it pertains to Security

- Intermediate knowledge of Security Audit Process

- Expert knowledge of Business Continuity plans/Disaster recovery

- Understand Risk assessment and risk treatment plans

- Analysis of the organization's threat landscape and ability to define holistic security solutions

- Security infrastructure management and architecture - the operation of a security management infrastructure which supports different types of Security products

- Intrusion Prevention System

- Endpoint Security

- Vulnerability and Penetration testing

- Network Data Loss prevention

- Public Key Infrastructure design

- Web Content Filter administration

- Security Information and Event Manager design and development

- Support the planning, design and implementation of these security solutions