Security Engineer

Role Purpose

• To support the Technical Solutions Team in defending, responding, reporting, mitigating, and restoring enterprise systems before, during and after any attempts at exploitation. As Security Engineer, your role will vary at time depending on the missions and threats. You may work on different projects (simultaneously) together with colleagues from your own department, but also with other departments. Your daily routine tasks will be focused on being an escalation point and support for the team. You will work with a variety of customers: governments, the SME sector, large companies, service providers and non-governmental organizations.

Key Accountabilities

• Responsible for sustainment support of all delivered mission-specific IT equipment (hardware and software), including customized and standalone IT equipment to ensure availability.
• Manage SIEM, SOAR and security related device such as Firewall, IDS, EDR and DLP.
• Ensure the health of data sources feeding into the SIEM or other security related tools, such as system logs, application logs, firewall logs, packet captures.
• Assist with assessments and forensic analysis when directed.
• Creation of dashboards, reports and correlation rules/use cases.
• Collaborates with the SOC Team to ensure the organizations systems are operational and secure.
• Collaborates with SOC Team to plan, create and deploy the tools needed to achieve objectives.
• Assist in the development of internal operational architecture, tools, and procedures for ways to improve performance.
• Collaborate with development organizations to create and deploy the tools needed to achieve objectives.

Requirements:

• A bachelor degree in a related field (IT, engineering) is preferred.

• 3-5 years of hands-on experience in security engineering, with a focus on developing and implementing security solutions.

• Proven experience with security technologies, system hardening, threat detection tools, and managing security protocols.
• Good knowledge of network and security tools such as Microsoft Azure Sentinel, Nagios/Zabbix, Splunk, Juniper SRX, Cisco ASA, Palo alto, Fortigate and Security Onion.
• Strong knowledge of IT ticketing systems, case management tools such as TheHive or Resilient.
• Strong understanding of network and system architectures, HLD and LLD
• Strong experience in or expert knowledge of TCP/IP, Mitre ATT&CK and Cyber Kill Chain
• In-depth knowledge on security devices and applications such as DLP, Endpoint Security (Microsoft Defender, Carbon Black EDR, Velociraptor), Firewalls as well as authentication services like ACL, TACACS, RADIUS

• Strong Understanding of data engineering and data ingestion tool such as CRIBL.

• Proficiency in scripting languages such as Python, PowerShell, or Bash to automate routine tasks.
• Strong understanding of Change Management and Incident handling
• Working knowledge of NIST Security Control Standards
• Desired certifications are: CEH, GCIA, CCNA, CCNP, ITIL

#BEACONRED