Technology and Innovation - Cloud Security Engineer

• A cybersecurity professional with 2-5 years of experience in IT security or related roles.
• Skilled in security technologies such as SIEM, firewalls, IDS/IPS, endpoint protection, and vulnerability scanners.
• Experienced in incident response and familiar with various threat intelligence platforms.
• Knowledgeable in security frameworks (e.g., NIST, ISO 27001) and regulatory standards (e.g., PCI-DSS, GDPR).
• Comfortable working in high-pressure situations with strong analytical and problem-solving skills.
• Detail-oriented with a proactive mindset and the ability to work well in a team-oriented environment.
• Able to effectively communicate security risks and solutions to stakeholders at all levels.
• What You ll Do:
• Continuously monitor security alerts and logs from various systems (e.g., firewalls, intrusion detection/prevention systems).
• Analyze and investigate security incidents to identify, contain, and remediate vulnerabilities or breaches.
• Coordinate incident responses, conducting root cause analysis and ensuring proper documentation and mitigation.
• Communicate and escalate incidents to the appropriate stakeholders and management.
• Proactively monitor and hunt for emerging threats and vulnerabilities.
• Use security tools to detect anomalies and potential attack patterns.
• Develop and refine threat intelligence to anticipate and mitigate risks.
• Perform regular vulnerability assessments and coordinate patch management activities.
• Work with IT and development teams to ensure timely remediation of vulnerabilities.
• Analyze vulnerabilities and provide recommendations to minimize risk exposure.
• Administer and manage security tools such as SIEM, intrusion detection/prevention systems, firewalls, and antivirus software.
• Tune and configure security systems to improve detection capabilities and reduce false positives.
• Stay up to date with the latest security technologies and practices, recommending improvements as necessary.
• Assist in developing and implementing security policies and procedures to align with industry standards and regulatory requirements.
• Ensure compliance with security frameworks such as NIST, CIS, SOC 2, and GDPR.
• Conduct audits and reviews to ensure adherence to security best practices.
• Work closely with other IT teams (network, systems, cloud engineers) to integrate security into the broader infrastructure.
• Assist with security awareness training for employees and provide guidance on best practices.
• Support the development of incident response plans, disaster recovery strategies, and business continuity plans.
• Maintain detailed incident reports and security logs for future reference and compliance.
• Create and present regular security reports to management, highlighting trends, incidents, and recommendations for improving the organization s security posture.

Preferred Qualifications:

• Bachelor s degree in Computer Science, Information Security, or related field, or equivalent experience.
• Certified Ethical Hacker (CEH)Certified Incident Handler (GCIH)Security+ or other relevant certifications
• 2-5 years in IT security or related roles, with hands-on experience in security technologies and incident response.
• Strong knowledge of TCP/IP, networking protocols, and internet technologies.
• Familiarity with security tools such as Splunk, Palo Alto, CrowdStrike, or similar.
• Knowledge of operating systems (Linux, Windows, macOS) and cloud platforms (AWS, Azure, Google Cloud).Familiar with security frameworks and regulatory standards (e.g., NIST, ISO 27001, PCI-DSS, GDPR).
• Strong analytical, problem-solving, and communication skills.
• Ability to work under pressure in high-stakes environments.
• Detail-oriented with a proactive, team-focused attitude.

Preferred Skills:

• Experience in cloud security (AWS, Azure, GCP).
• Knowledge of scripting languages (Python, Bash, PowerShell).
• Familiarity with automated security testing tools and DevSecOps practices.
• Experience with endpoint detection and response (EDR) systems.