Sr. Information Security Engineer

Job Description:
  • Working with and reporting to the CTO, architect the Security Operations Center and strengthen our security posture

  • Initially a multi-faceted role as a Security Architect/Engineer, evolving based on candidate’s potential and growth of department headcount

  • Will work to ensure the confidentiality, availability and integrity of information stored and processed on all IT systems by engineering, implementing, managing, monitoring and reporting on security controls appropriate to meet the assurance requirements of applicable policies, standards, legislation

  • Ensure that our products, systems and services maintain industry standard security, based on the family of ISO27001, NIST and/or similar industry standards

  • Ensure that policies, procedures and controls are in place and operate and support internal auditing; help administer and govern internal compliance with policies and processes

  • Will serve as an expert resource and will work cross-functionally with other teams including Development, Operations, and Support to ensure security is a primary objective

  • Ultimately, owns the “risk surface” and supports the implementation of controls and remediation’s where required, promoting security by design in the process

Qualifications:
  • Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience

  • Deep experience with all Cyber Security domains

  • Proven 5 – 6 years of relevant work experience

  • Experience with implementing ISO 27001 and other standards and frameworks

  • Strong knowledge of Information Assurance and Governance

  • Experience with Risk assessment and management

  • A Defense in depth and Zero trust architectural mindset

  • An understanding of the Cyber Kill Chain Model, and MITER ATT&CK Framework

  • An advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

  • Experience with Scripting and programming languages including Python, Perl, Bash, Powershell

  • Strong experience with FreeIPA / Red Hat IDM and other unified AAA

  • Strong experience with Open Source Security tools

  • Strong understanding and hands-on experience with using Firewalls, VPN, Anti-Virus, Data Loss Prevention, IDS/IPS, Server and Endpoint Security, Office 365 Security, patch management, vulnerability management, threat intelligence and hunting, and incident response

  • One or more of the following professional certifications: CISSP, CISM, SANS GIAC, CISA, Security+

  • One or more vendor specific training/certifications

  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform

  • Understanding of mobile technology and OS (i.e. Android, iOS) and VMware technology

  • Hands-on experience working with Windows and Linux operating systems

  • Experience doing penetration testing, vulnerability and security risk assessments

  • Mindful of emerging IS & Cyber Security risks and the changing threat landscape facing global companies

  • Strong understanding of Network (Wired and Wireless) and Enterprise security and architecture

  • Strong attention to detail, analytical mind with outstanding problem-solving skills, can work comfortably under pressure, and deliver on tight deadlines

  • Strong communication and organizational skills

  • A self-starter with strong work habits, able to handle multiple tasks and projects simultaneously

  • Excellent command of written and spoken English is a must

  • Should not have restrictions for travel/work within country and abroad

  • Ability to participate in a 24/7/365 on-call rotation


Sr. Information Security

Engineer

Home | Careers

Sr. Information Security Engineer

Home | Careers

Job Description:
  • Working with and reporting to the CTO, architect the Security Operations Center and strengthen our security posture
  • Initially a multi-faceted role as a Security Architect/Engineer, evolving based on candidate’s potential and growth of department headcount
  • Will work to ensure the confidentiality, availability and integrity of information stored and processed on all IT systems by engineering, implementing, managing, monitoring and reporting on security controls appropriate to meet the assurance requirements of applicable policies, standards, legislation
  • Ensure that our products, systems and services maintain industry standard security, based on the family of ISO27001, NIST and/or similar industry standards
  • Ensure that policies, procedures and controls are in place and operate and support internal auditing; help administer and govern internal compliance with policies and processes
  • Will serve as an expert resource and will work cross-functionally with other teams including Development, Operations, and Support to ensure security is a primary objective
  • Ultimately, owns the “risk surface” and supports the implementation of controls and remediation’s where required, promoting security by design in the process
Qualifications:
  • Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience
  • Deep experience with all Cyber Security domains
  • Proven 5 – 6 years of relevant work experience
  • Experience with implementing ISO 27001 and other standards and frameworks
  • Strong knowledge of Information Assurance and Governance
  • Experience with Risk assessment and management
  • A Defense in depth and Zero trust architectural mindset
  • An understanding of the Cyber Kill Chain Model, and MITER ATT&CK Framework
  • An advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Experience with Scripting and programming languages including Python, Perl, Bash, Powershell
  • Strong experience with FreeIPA / Red Hat IDM and other unified AAA
  • Strong experience with Open Source Security tools
  • Strong understanding and hands-on experience with using Firewalls, VPN, Anti-Virus, Data Loss Prevention, IDS/IPS, Server and Endpoint Security, Office 365 Security, patch management, vulnerability management, threat intelligence and hunting, and incident response
  • One or more of the following professional certifications: CISSP, CISM, SANS GIAC, CISA, Security+
  • One or more vendor specific training/certifications
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform
  • Understanding of mobile technology and OS (i.e. Android, iOS) and VMware technology
  • Hands-on experience working with Windows and Linux operating systems
  • Experience doing penetration testing, vulnerability and security risk assessments
  • Mindful of emerging IS & Cyber Security risks and the changing threat landscape facing global companies
  • Strong understanding of Network (Wired and Wireless) and Enterprise security and architecture
  • Strong attention to detail, analytical mind with outstanding problem-solving skills, can work comfortably under pressure, and deliver on tight deadlines
  • Strong communication and organizational skills
  • A self-starter with strong work habits, able to handle multiple tasks and projects simultaneously
  • Excellent command of written and spoken English is a must
  • Should not have restrictions for travel/work within country and abroad