Security Engineer

The purpose of this role is to support the Technical Solutions Team in defending, responding to, reporting on, mitigating, and restoring enterprise systems before, during, and after any attempts at exploitation. As a Security Engineer, your responsibilities will vary depending on the missions and threats faced. Daily tasks will focus on being an escalation point and providing support for the team, while working with a diverse range of customers, including governments, the SME sector, large companies, service providers, and non-governmental organizations.

Key Accountabilities:

• Responsible for the security architecture, managing Splunk infrastructure, Azure infrastructure, and use case creation.
• Provide sustainment support for all delivered mission-specific IT equipment (hardware and software), including customized and standalone IT equipment to ensure availability.
• Manage SIEM, SOAR, and security-related devices such as Firewalls, IDS, EDR, and DLP.
• Ensure the health of data sources feeding into the SIEM or other security-related tools, including system logs, application logs, and firewall logs.
• Assist with assessments and forensic analysis as directed.
• Collaborate with the SOC Team to ensure the organization's systems are operational and secure.
• Help plan, create, and deploy the tools needed to achieve objectives in collaboration with the SOC Team.
• Assist in developing internal operational architecture, tools, and procedures to improve performance.
• Work with development organizations to create and deploy necessary tools.

Requirements:

• Proficient coding experience in Python, PowerShell, or Bash to automate routine tasks.
• Strong understanding of Splunk query language and architecture.
• Ideally certified in Splunk and/or Azure.
• A bachelor's degree in a related field (IT, Engineering) is preferred.
• At least 7 years of hands-on experience in security engineering, focusing on developing and implementing security solutions.
• Proven experience with security technologies, system hardening, threat detection tools, and managing security protocols.
• Good knowledge of network and security tools such as Microsoft Azure Sentinel, Splunk, Juniper SRX, Cisco ASA, Palo Alto, Fortigate, and Security Onion.
• Strong understanding of network and system architectures, including High-Level Design (HLD) and Low-Level Design (LLD).
• Solid experience in TCP/IP, MITRE ATT&CK, and Cyber Kill Chain frameworks.
• In-depth knowledge of security devices and applications such as DLP, Endpoint Security (Microsoft Defender, Carbon Black EDR, Velociraptor), Firewalls, as well as authentication services like ACL, TACACS, and RADIUS.
• Strong understanding of Change Management and Incident Handling.

Language Requirements:

• English proficiency is required.

This position is critical for maintaining the security integrity of the organization's systems and responding effectively to threats.