Security Engineer - Vulnerability Management (6-16 yrs)

Job Description :

As a Security Analyst/Engineer, you will be responsible for supporting our organization's security operations by assisting in monitoring, detecting, and responding to security incidents. This role offers a blend of security analysis and engineering tasks. This position offers a progression from foundational knowledge to more advanced responsibilities, allowing you to contribute significantly to the organization's cybersecurity efforts.

Key Responsibilities :

Security monitoring and analysis :

- You assist in monitoring security events and alerts from various sources such as SIEM, IDS/IPS, antivirus systems, and endpoint detection platforms

- You conduct initial analysis of security events to determine their nature and potential impact on the organization

- You collaborate with senior analysts to investigate and respond to security incidents, including malware infections, phishing attempts, and unauthorized access attempts.

Incident response :

- You contribute to incident response activities by providing technical assistance during security incidents, including containment, eradication, and recovery efforts

- You document incident response procedures, develop post-incident reports, and conduct lessons learned sessions to improve incident handling capabilities

- You implement proactive measures to enhance incident detection and response capabilities, such as developing playbooks for common attack scenarios.

Vulnerability management :

- You support the vulnerability management process by assisting in vulnerability scanning, assessment, and remediation efforts

- You help prioritize and track the resolution of identified vulnerabilities in systems and applications

- You collaborate with system owners and IT teams to ensure timely patching and mitigation of identified vulnerabilities, leveraging automation and orchestration where possible

- You conduct security assessments and penetration tests to identify weaknesses in systems, applications, and network infrastructure.

Security tool :

- You assist in the administration and configuration of security tools and technologies, such as firewalls, intrusion detection/prevention systems, and endpoint security solutions

- You participate in the evaluation and testing of new security technologies to enhance the organization's security posture

- You optimize the configuration and tuning of security tools and technologies to improve detection accuracy, reduce false positives, and enhance overall effectiveness

- You evaluate emerging security technologies and solutions, recommending and implementing enhancements to the security toolset based on industry best practices and organizational requirements.

Security awareness and training :

- You support security awareness and training initiatives by assisting in the development of educational materials and delivering security awareness briefings to staff.

Qualifications and Skills :

- Bachelor's degree in computer science, Information Security, or related field

- 5 years of experience in a cybersecurity role with progressively increasing responsibilities

- Strong understanding of cybersecurity principles, threat landscape, and attack methodologies

- Proficiency in security tools and technologies such as SIEM, EDR, IDS/IPS, firewalls, and vulnerability scanners

- Excellent analytical, problem-solving, and decision-making skills

- Effective communication and stakeholder management abilities

- Certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent are a plus.

Experience :

- Demonstrated experience in conducting security analysis, incident response, and vulnerability management in a complex environment

- Hands-on experience with security tool optimization, security assessments, and penetration testing

- Proven track record of incident response efforts and effectively managing security incidents from detection to resolution.