Cyber Security Engineer

Key Responsibilities

Security Operations & Tool Management

• Manage, configure, and maintain security infrastructure tools, endpoint protection platforms, and Privileged Access Management (PAM) solutions.
• Administer and support cloud-based security technologies and security controls.
• Monitor security events and ensure proper operation of cybersecurity tools and services.
• Support security policy implementation, system hardening, and access control management.

Incident Response & Remediation

• Investigate and respond to security alerts, incidents, and suspicious activities.
• Perform hands-on remediation activities for identified security threats and vulnerabilities.
• Conduct root cause analysis and implement corrective actions.
• Coordinate with internal teams and external vendors to resolve security incidents.

Vulnerability & Audit Management

• Conduct vulnerability assessments and security scans on a regular basis.
• Analyze scan results and coordinate remediation activities.
• Support penetration testing, compliance reviews, and security audits.
• Track vulnerability remediation progress and ensure timely closure of findings.

Log Analysis & Security Monitoring

• Utilize SIEM platforms and log management solutions to monitor, analyze, and investigate security events.
• Review logs from servers, endpoints, firewalls, routers, and network devices.
• Identify indicators of compromise, suspicious activities, and security threats.
• Develop and maintain monitoring use cases, dashboards, and security reports.

Documentation & Reporting

• Maintain incident records, security documentation, standard operating procedures, and investigation reports.
• Prepare management reports on security incidents, vulnerabilities, and remediation activities.
• Support compliance, governance, and audit requirements.

Technical Qualifications & Competencies

Security Technologies

• Hands-on experience with SIEM platforms such as RSA NetWitness, Splunk, Elastic Stack (ELK), or similar solutions.
• Experience with Privileged Access Management (PAM) solutions such as CyberArk.
• Experience with Endpoint Detection and Response (EDR), antivirus, and malware protection platforms such as Trend Micro or equivalent.
• Familiarity with cloud security technologies and security best practices.

Operating Systems & Scripting

Linux

• Good understanding of Linux operating systems and security administration.
• Experience with Bash scripting and command-line troubleshooting.
• Familiarity with security tools and frameworks.

Windows

• Strong Windows Server administration and security management experience.
• Knowledge of Active Directory, Group Policy, Windows security controls, and system hardening.

Security Investigation

• Ability to independently investigate complex cybersecurity incidents and security threats.
• Experience performing threat analysis, log correlation, forensic investigation, and incident response activities.
• Strong analytical and problem-solving capabilities.

Requirements

• Diploma or Degree in Cyber Security, Information Security, Computer Science, Information Technology, or a related discipline.
• Minimum 3–5 years of experience in Security Operations, SOC, Cybersecurity Engineering, or Information Security roles.
• Experience supporting enterprise security infrastructure and incident response activities.
• Strong understanding of cybersecurity principles, attack techniques, and security controls.

Preferred Certifications

• CompTIA Security+
• CEH (Certified Ethical Hacker)
• CySA+
• CISSP
• Splunk Certifications
• CyberArk Certifications
• Microsoft Security Certifications
• GIAC Certifications