Cyber Security Engineer

Job Summary

The Cyber Security Engineer will be responsible for implementing, managing, and optimizing security solutions to protect the organization's IT infrastructure from cyber threats. This role involves working with IPS, firewalls, SIEM, and SOAR, while also handling threat detection, incident response, and security automation. The ideal candidate should have hands-on experience with security platforms, endpoint protection, and privileged access management (PAM) to strengthen the overall security posture.

Key Responsibilities

1. Deploy, configure, and manage security solutions, including IPS, firewalls, SIEM, and SOAR systems.
2. Monitor security events and alerts, ensuring timely detection and response to cyber threats.
3. Investigate and resolve security incidents, collaborating with SOC and IT teams.
4. Implement security policies and best practices across network, endpoint, and cloud environments.
5. Optimize security automation through SOAR platforms to enhance incident response.
6. Manage endpoint security solutions, such as EDR/XDR, antivirus, and sandboxing technologies.
7. Enforce email security protocols and DLP solutions to prevent data leaks and phishing attacks.
8. Administer Privileged Access Management (PAM) solutions like CyberArk to protect sensitive credentials.
9. Perform vulnerability assessments and security audits, ensuring compliance with industry standards.
10. Document security incidents, processes, and configurations for continuous improvement.

Qualifications & Skills

Must-Have

1. Strong expertise in IPS (Intrusion Prevention Systems).
2. Hands-on experience with Firewalls (Next-Gen, perimeter security).
3. Knowledge of SIEM and SOAR platforms for threat detection and automation.

Preferred

1. Email Security solutions to protect against phishing and malware.
2. EDR/XDR experience for endpoint detection and response.
3. FireEye NX, EX, or sandboxing solutions for advanced threat prevention.
4. TrendMicro Deep Security / ApexOne for endpoint security.
5. Symantec or Forcepoint DLP for data loss prevention.
6. CyberArk PAM or similar PAM solutions for privileged access control.

Good to Have

1. A10 SSL Offloading for encrypted traffic inspection.
2. Symantec Email Encryption for securing email communications.
3. TrendMicro DDAN Sandbox for malware analysis.
4. Symantec PGP for secure messaging and data encryption.
5. Tripwire File Integrity Monitoring for detecting unauthorized changes.
6. Guardium for database activity monitoring.
7. Algosec for network security policy management.
8. Cofense Email Phishing solutions to detect phishing attempts.
9. Kiteworks File Sharing System for secure file transfers.
10. Prisma Cloud for cloud security and compliance monitoring.

Behavioral Competencies

1. Analytical Thinking: Ability to assess and respond to complex security threats.
2. Attention to Detail: Ensuring accuracy in security configurations and incident reporting.
3. Problem-Solving Skills: Quickly diagnosing and resolving security incidents.
4. Collaboration & Communication: Working with IT and security teams to strengthen defenses.

Technical Competencies

1. Expertise in security tools (IPS, firewalls, SIEM, SOAR).
2. Knowledge of network security protocols (TCP/IP, VPNs, encryption).
3. Hands-on experience with threat hunting and forensic analysis.
4. Experience in security automation and scripting (Python, PowerShell preferred).