Cyber Security Engineer

Cyber Security Engineer

Key Responsibilities

Security Monitoring & Incident Response

• Monitor security alerts from SIEM, firewalls, IDS/IPS, and endpoint protection tools.
  
• Investigate security incidents, perform root-cause analysis, and provide timely responses.
  
• Document incidents, mitigation steps, and follow-up actions.
  

Vulnerability & Risk Management

• Perform regular vulnerability assessments and coordinate remediation.
  
• Conduct security audits for servers, networks, applications, and cloud environments.
  
• Track and reduce risk levels through proactive security measures.
  

Security Tools & Infrastructure

• Manage and configure firewalls, antivirus/EDR solutions, SIEM platforms, DLP tools, and VPNs.
  
• Maintain security patches, OS hardening, and security baselines.
  
• Implement identity and access management (IAM) controls.
  

Policy, Compliance & Governance

• Develop and enforce information security policies, SOPs, and best practices.
  
• Support compliance with ISO 27001, NIST, GDPR, PCI-DSS, and other security frameworks.
  
• Conduct user awareness training on cybersecurity practices.
  

Penetration Testing & Secure Development

• Perform penetration testing on web apps, networks, and cloud resources.
  
• Collaborate with developers to implement secure coding practices.
  
• Review architecture and designs for security gaps.
  

Cloud & Network Security

• Implement cloud security controls (AWS, Azure, GCP) and monitor cloud environments.
  
• Secure network infrastructure, VPNs, and remote access systems.
  
• Support secure deployment of IT and OT systems.
  

Required Skills & Qualifications

• Bachelor’s degree in Computer Science, Cyber Security, IT, or related field.
  
• Experience with cybersecurity tools such as SIEM, IDS/IPS, Firewalls, EDR, DLP, WAF, etc.
  
• Strong understanding of networking (TCP/IP, DNS, VPN, routing, switching).
  
• Knowledge of threat intelligence, malware analysis, and attack techniques.
  
• Experience with vulnerability scanning tools (Nessus, Qualys, OpenVAS).
  
• Familiarity with ISO 27001, NIST, CIS Controls, or similar frameworks.
  
• Good analytical, problem-solving, and communication skills.
  

Preferred Skills (Good to Have)

• Security certifications (CEH, CompTIA Security+, CySA+, ISO 27001 LA, OSCP, CISSP).
  
• Experience with cloud security tools and architecture (AWS/Azure/GCP).
  
• Knowledge of scripting languages (Python, PowerShell, Bash).
  
• Experience in SOC operations, threat hunting, or digital forensics.
  
• Understanding of DevSecOps and CI/CD security integration.
  

Key Competencies

• Analytical mindset
  
• Attention to detail
  
• Incident-handling capability
  
• Strong technical troubleshooting
  
• Continuous learning orientation
  
• Teamwork and communication skills