Responsibilities: The Cybersecurity Engineer is responsible for protecting an organization's computer systems and networks from cyber threats.
This role involves designing, implementing, and maintaining security measures, monitoring for security breaches, and responding to incidents to ensure the confidentiality, integrity, and availability of data.
Key Responsibilities: Design, implement, and manage a comprehensive suite of security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
Proactively monitor networks, systems, and cloud environments (Office 365, Azure, AWS) for security breaches and anomalies, utilizing tools such as SIEM, EDR (e.g., Palo Alto Cortex XDR), and native platform logs.
Conduct regular vulnerability assessments, penetration testing, and patch management (e.g., using Qualys) to identify, prioritize, and remediate security weaknesses across servers, PCs, and network devices.
Lead the response to and investigation of security incidents, providing detailed analysis, containment, eradication, and recovery efforts.
Develop, enforce, and refine security policies, procedures, and best practices to adapt to the evolving threat landscape.
Perform routine security operations, including monitoring system logs, reviewing firewall configurations, managing privileged access (PAM), and ensuring the health of security agents.
Collaborate with IT and other departments to ensure security is integrated into all aspects of the technology lifecycle, from system deployment to sunsetting applications.
Stay current with the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security posture.
Prepare and present reports on security incidents, risk assessments, and compliance status to stakeholders.
Requirements Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience).
Proven experience in a cybersecurity, information security, or a similar role.
Strong knowledge of network and system security, security architecture, cryptography, and risk management principles.
Hands-on experience with a variety of security tools, including SIEM, IDS/IPS, firewalls, endpoint protection, and vulnerability scanners.
Proficiency in scripting and automation (e.g., Python, Power Shell) to enhance security operations.
Experience with cloud security for platforms such as AWS, Azure, or Google Cloud, including Office 365 Intune.
Familiarity with regulatory compliance requirements (e.g., GDPR, HIPAA, PCI-DSS).
Relevant professional certifications are highly desirable (e.g., CISSP, CEH, Security+, CISM).
Excellent problem-solving, analytical, and critical-thinking skills.
Strong communication and teamwork abilities to effectively collaborate with technical and non-technical teams.
