Embedded Security Engineering Technical Consultant

The Security Engineering Technical Consultant is responsible for providing technical leadership and expertise in designing and implementing robust security solutions within an organization. This role involves assessing security risks, developing security architectures, designing secure systems, and overseeing the implementation and maintenance of security controls. The Security Engineering Lead collaborates with cross-functional teams to enhance the organization's security posture and mitigate potential threats. Additionally, the consultant provides technical guidance and support to other security engineers and analysts, as well as collaborates with other IT teams and stakeholders to ensure the security of our systems and data.

1. Assess security risks and develop comprehensive security architectures aligned with the organization's goals and regulatory requirements.
2. Design secure systems, networks, and infrastructure that protect against threats and vulnerabilities.
3. Define security requirements and standards for software applications, databases, and other technology assets.
4. Oversee the implementation of security controls and technologies to safeguard the organization's information assets.
5. Collaborate with internal teams and external vendors to ensure the proper configuration, integration, and deployment of security solutions.
6. Conduct security assessments and penetration testing to validate the effectiveness of implemented controls.
7. Develop and maintain incident response plans, including procedures for detecting, investigating, and mitigating security incidents.
8. Lead incident response efforts, coordinating with internal teams and external stakeholders.
9. Conduct post-incident analysis to identify lessons learned and implement necessary improvements.
10. Provide guidance and support to employees on security-related matters.
11. Identify, assess, and prioritize security risks based on their potential impact on the organization.
12. Develop risk mitigation strategies and implement appropriate security controls.
13. Conduct risk assessments and audits to ensure compliance with industry standards and regulatory requirements.
14. Stay abreast of the latest security trends, vulnerabilities, and emerging technologies.
15. Conduct research and evaluate new security tools, technologies, and methodologies.
16. Make recommendations for their adoption to enhance the organization's security posture.
17. Provide technical leadership and mentorship to the security team.
18. Collaborate with cross-functional teams, including IT, operations, and compliance, to align security efforts with business objectives.
19. Foster a collaborative and inclusive work environment.
20. Deliver all other objectives as deemed necessary by the Line manager.

Qualification & Skills:

1. Bachelor's or master's degree in computer science, information security, or a related field.
2. Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are preferred.
3. Minimum of 8 years of experience as a security engineer, security analyst, security architect, or a similar role.
4. Proven experience in security engineering and designing secure systems.
5. Strong understanding of security principles, technologies, and best practices.
6. Experience in security incident response, risk management, and compliance.
7. Experience in leading security engineering teams is advantageous.
8. In-depth knowledge of security technologies, including firewalls, intrusion detection systems, encryption, access control, authentication, and vulnerability assessment tools.
9. Proficiency in secure coding practices and secure software development methodologies.
10. Familiarity with industry security frameworks such as NIST Cybersecurity Framework, ISO 27001, and CIS Controls.
11. Knowledge of regulatory requirements such as GDPR, HIPAA, or PCI DSS.
12. Ability to translate frameworks and standards into practical security solutions.
13. Strong analytical skills to assess complex security risks and develop effective mitigation strategies.
14. Ability to analyze security incidents, identify root causes, and implement appropriate remediation actions.
15. Strong problem-solving abilities to resolve technical security issues.
16. Excellent communication skills to effectively convey complex security concepts to technical and non-technical stakeholders.
17. Strong leadership abilities to inspire and motivate the security engineering team.
18. Ability to collaborate and build relationships with internal and external stakeholders.
19. Proactive attitude towards continuous learning and staying updated with the evolving security landscape.
20. Participation in security conferences, training programs, and industry forums to enhance knowledge and skills.
21. Excellent leadership, communication, and problem-solving skills.
22. Knowledge of security best practices and methodologies, such as risk assessment, vulnerability scanning, penetration testing, incident response, etc.

Control Risks offers competitive packages for its positions including but not limited to mandatory annual leave, private medical insurance, annual flights to home country, provided accommodation, and vehicle.