The Security Engineer plans and oversees monitoring and maintenance of security operations, and provides direction and leadership to internal resources. He/She provides expertise on security technologies and innovative security concepts, and works toward enhancing the resilience of security operations. He/She coordinates ongoing reviews of existing security programs, protocols, and planned upgrades. He/She establishes escalation processes for security incidents and develops contingency plans and disaster recovery procedures. He/She focuses on policy implementation and control.
He/She is diligent and watchful in monitoring security operations, systems, and activities. He/She is also a confident leader who develops plans and solutions to address security incidents and who has a passion for engaging and developing others in the team.
1. Implement security operations strategy
- Contribute to the definition of the overall security strategy
- Align security operations functions with the organisation’s overall business objectives
- Advise senior leaders on critical issues that may affect corporate security objectives
- Advise the design and implementation of security policy and controls
- Provide expertise on security technologies and innovative security concepts
- Provide technical and operational oversight for security tool deployment and implementation
2. Monitor security systems
- Develop plans for monitoring security systems and responding to cyber security incidents
- Guide the identification and measurement of critical security operations metrics
- Develop detection and alerting rules
- Monitor levels of service of the security operations
- Present periodic status reports to management
3. Maintain security operations
- Oversee planning and coordination of 24 x 7 security operations coverage
- Coordinate ongoing reviews of existing security programs/protocols and planned upgrades
- Monitor compliance to security policies, regulations, rules and norms
- Drive continuous improvement of security operations
- Perform firewall rule reviews/clean-ups as part of housekeeping initiatives
4. Respond to security incidents
- Set internal guidelines for effective processing and escalation of incidents
- Review reports on incidents and breaches
- Develop contingency and disaster recovery plans for specific security incidents
- Coordinate prioritisation of alarms and resources for incident responses
- Oversee the development of emergency protocols
- Recommend systems and procedures for the prevention, detection, containment and correction of security breaches
Requirements:
- 5 years of relevant experience
- Risk assessment experience; able to articulate the security policies of the organization
- Experience in AV/ATP solutions, firewalls, and policies/compliance
- Experience in AD/ID administration as per best security practices
- Cloud security experience is an advantage
- Exposure to IM8 or equivalent
- Experience in any of these technologies is good to have, e.g. Symantec Endpoint, FireEye ETP, ManageEngine Password Manager Pro, Sophos Endpoint, Graylog, Office 365 Security, Trellix ePolicyOrchestrator, Trellix Network Security Platform, Fortinet, Tenable Nessus, FireEye HTC, Mandiant Advantage