Closing Date : 30/04/2025

Senior Infosecops Engineer  

Position Responsibilities

  • Develop, implement and maintain security policies, procedures, and best practices.
  • Conduct security audits and compliance assessments to ensure adherence to industry standards and regulations (e.g., ISO 27001, NIST, SOC 2).
  • Configure and manage security tools, including firewalls, SIEM, IDS/IPS, and endpoint protection solutions.
  • Monitor security events, investigate incidents, and respond to threats.
  • Investigate security breaches, conduct forensic analysis, and implement corrective actions.
  • Perform vulnerability assessments, risk assessments and facilitate penetration testing activities to identify and mitigate risks.
  • Work with DevOps and IT teams to apply patches and integrate security into the development lifecycle and system architectures.
  • Design and deliver training programs to educate employees on security best practices and promote a security-first culture within the organization.
  • Stay up to date with emerging threats, vulnerabilities, and security technologies.

Qualification and Experiences

Experience:

  • 3 to 5+ years of experience in cybersecurity, including implementing security measures, managing security tools, leading compliance audits and responding to incidents.
  • Strong analytical skills for assessing complex security events and developing effective solutions.
  • Excellent verbal and written skills, with the ability to communicate complex security concepts to both technical and non-technical audiences.
  • Strong knowledge of security principles, cryptography and secure coding practices.
  • Deep understanding of networking protocols, network security, system hardening and security best practices.
  • Familiarity with compliance frameworks (ISO 27001, NIST, SOC 2, etc.) and security best practices (e.g., NIST, CIS, GDPR).
  • Experience with security tools such as SIEM, IDS/IPS, firewalls and endpoint protection (EDR).
  • Experience with vulnerability management, risk assessment and mitigation, and penetration testing tools.
  • Ability to analyze security logs from various sources (network devices, servers, applications) and perform incident response.

a Necessity, not a Luxury