EduFund - Security Engineer (2-3 yrs)

About the Role :

EduFund is seeking an experienced Security Engineer to manage and enhance our digital security infrastructure. This role involves designing, implementing, and overseeing cybersecurity measures, ensuring alignment with ISO 27001 compliance, and integrating security protocols across our DevOps pipeline.

As the primary point of contact for digital security, you will work closely with cross-functional teams, providing guidance and managing incident responses to protect our digital environment effectively.

Key Responsibilities :

1. Digital Security Management : Develop, operate, and maintain a secure IT infrastructure in alignment with company strategies and compliance requirements.

2. ISO 27001 Compliance : Lead the initiative to achieve and maintain ISO 27001 certification by identifying compliance gaps, recommending solutions, and coordinating implementation across departments.

3. DevSecOps Integration : Integrate robust security measures within the DevOps pipeline to secure application deployment.

4. Performance Tracking : Establish and monitor security metrics and KPIs to assess and improve security effectiveness.

5. Incident Management : Deploy and manage software for system and network monitoring to detect security incidents; oversee incident response processes.

6. Employee Training : Educate staff on cybersecurity best practices and ISO 27001 compliance to enhance organizational security awareness.

7. Security Architecture : Design a comprehensive cybersecurity framework to address vulnerabilities and potential threats.

8. Consultation and Advising : Provide expert advice on cybersecurity to management and collaborate with other departments on security-related issues.

Qualifications :

Education : Bachelor's degree in Computer Science or a related field.

Experience : Minimum of 2 years as a System Security Engineer or in a related role focused on digital security and compliance.

Certifications : CISSP, CEH, CompTIA Security+, or similar certifications are highly desirable.

- Expertise in ISO 27001 compliance is required.

Technical Proficiency : Strong knowledge of operating systems, database security, networking, and security tools, including anti-virus, firewalls, and intrusion detection systems.

DevSecOps Experience : Proficiency in incorporating security into DevOps pipelines using tools like Jenkins or GitLab.

Soft Skills : Excellent critical thinking, problem-solving, and communication abilities