Information Security Engineer

About the Role

Information Security Engineer

As the lead engineering resource within the InfoSec team, you will work closely with global stakeholders to deliver both proactive security initiatives and reactive incident response. This role is hands-on and requires a blend of technical expertise, problem-solving skills, and strong collaboration.

Key Responsibilities

• Monitor security event platforms, perform first-level incident triage and resolution, and participate in incident retrospectives.
• Own the

  vulnerability management program

  , including classification, tracking, remediation, documentation, and reporting.
• Evaluate, recommend, and implement new security tools from requirements gathering through production deployment.
• Provide proactive feedback to improve monitoring capabilities, tools, and processes.
• Create daily, weekly, and monthly reports for the Security Management Team.
• Maintain and update incident response

  runbooks, procedures, and playbooks

  .
• Contribute to playbook development using lessons learned and best practices.
• Stay current with emerging threats and security trends using public cyber resources (blogs, sites, podcasts).
• Participate in the

  on-call rotation

  to support 24/7 coverage.

Required Qualifications

• Bachelor's degree in Information Technology, Computer Science, or equivalent experience.

• 4+ years of IT experience

  , with

  2+ years in Information Security Engineering

  (incident response, threat detection, security architecture/design, and DevSecOps).
• Proven knowledge of end-to-end

  incident response in cloud environments

  (detection, containment, eradication, recovery).
• Experience designing and improving

  security controls using standard frameworks

  .
• Expertise in

  Identity & Access Management (IAM, SSO/MFA, SCIM)

  , preferably with

  Okta

  .
• Strong understanding of

  DNS and networking protocols

  .
• Hands-on experience working in

  SOC- or ISO-compliant environments

  with knowledge of security standards and compliance practices.
• One or more recognized certifications (

  CISSP, AWS Security Specialty, Azure Security Engineer

  , etc.) strongly preferred.
• Practical experience in

  cloud security administration

  .

Nice to Have

• SIEM engineering and administration experience.
• Endpoint Detection & Response (EDR) engineering and administration experience.
• Knowledge of

  DAST, SAST, SCA

  , and secure software development lifecycle.
• Ability to read and understand code (JavaScript, PHP, Java).
• Prior Security Operations Centre (SOC) team experience.
• Experience with

  Data Loss Prevention (DLP)

  tools.
• Advanced scripting skills for automation (PowerShell or Python preferred).