Security Engineer - EG Cyber and Information Security
At EG, we develop software for our customers so they can focus on their profession.
Our industry-specific software is built by peers from the industry, and backed by the scale of EG for stability, innovation, and security.
We are committed to advancing industries by tackling big challenges such as resource use, efficiency, and sustainability.
We are a thriving global workforce of 3000+ employees, with a 850+ strong team based in Mangaluru, India. We have a people first culture fostering innovation, collaboration and continuous learning
Join us in creating software that works for people, not software that makes people work. Visit our career page to meet some of your future colleagues, explore our culture, and watch our video " We Make a Difference ".
Learn more about EG here .
About the team:
We think that security can be an exciting journey. With constantly evolving threat landscape and new technologies around, our success depends on our creativity in identifying new ways of securing what matters most to us. If you like to
work smart, be creative, deliver results, develop yourself, act as a team player, and really enjoy cybersecurity
, you will fit perfectly for our team. Working with us will allow you to cooperate in very good atmosphere with motivated, multinational team and gain experience with leading security solutions. You will be responsible for your part of our security playground and have perspectives to grow your team in the future. If it sounds good to you, join our boutique team of experts developing cybersecurity in diverse organizations supporting a wide spectrum of public and private entities by delivering them specialized IT solutions.
Responsibilities:
You will have a chance to grow together with us and actively participate in the process of building security services and competencies. You will work on both improving security of our EG environment, as well as products for our customers. We are looking for new team members with aim of leading and developing security monitoring, vulnerability management and security infrastructure and who can drive on at least some of the following topics:
- Monitoring and responding to vulnerabilities, threats and security events relevant to the organization.
- Defining and optimizing playbooks for different security events.
- Automating response procedures to security vulnerabilities, threats and events.
- Increasing maturity of vulnerability management, detection and response and other security operations in the organization.
- Securing cloud, IT and network infrastructure by defining hardening standards.
- Maintenance and development of vulnerability management and infrastructure security toolset including EDR/XDR, EASM, CNAPP, CWP, CSPM, CIEM, MFA, PAM, WAF, anti-DDoS, identity protection solution, next-generation firewalls and others.
- Building and maintaining integrations between security platforms and other tools.
- Automating repetitive security operations tasks where possible.
- Configuration reviews of public cloud solutions and IT infrastructure (Windows and Linux servers, network devices, workstations and other).
- Collaboration with IT and business to respond to threats, vulnerabilities or issues.
- Creating periodic security reports, presentations and materials on security status and key actions.
- Conducting workshops or training to raise knowledge of IT teams.
Your workday, your tasks and mandatory skill set:
The key skills which can allow you to succeed in this role:
- Practical experience with vulnerability management, security monitoring and incident response.
- Ability to develop automation using simple scripts or tools.
- Understanding security concepts in network, operating systems (Windows, Linux, MacOS), identity and access, databases, virtual environments, Active Directory.
- Knowledge of vulnerability management, system hardening and access management best practices.
- Understanding of key concepts of AWS, Azure or GCP cloud protection and security monitoring.
- Knowledge of docker security principles.
- Knowledge of key security technologies like vulnerability scanners, EDR/XDR, next-generation firewalls, PAM, MFA, CNAPP, CSPM, EASM.
- Ability to perform cloud & IT infrastructure reviews.
- Understanding secure architecture concepts and security good practices.
- Knowledge of NIST Cybersecurity Framework, CIS Controls, MITRE ATT&CK and OWASP recommendations and other security good practices.
- Strong analytical skills, including data analysis and reporting.
- Great communication skills.
Required Skills:
- B.Sc. or M.Sc. in cybersecurity, IT, telecommunications, or similar.
-
The ideal candidate should have at least 4 years of experience in the security area.
- Practical experience with security technologies like EDR/XDR, next-generation firewalls, PAM, MFA, CNAPP, CSPM, EASM.
- Understanding security concepts in network, operating systems (Windows, Linux, MacOS), databases, virtual environments, Active Directory and cloud.
- Team player or leader, analytical skills, creativity, self-motivation, ability to manage and organize work and deliver outstanding results.
- Security certifications like: CISSP, CISM, CCSP, CEH, Security+, OSCP, CEH or others are a plus.
- Excellent written and verbal communication skills
What can you expect from us
: - A professional, innovative, and business-driven environment with exposure to real-world problems and large-scale cybersecurity solutions.
- Work with super-talented and committed colleagues in a culture of collaboration, curiosity, and continuous learning.
- Flexibility to experiment and ownership to implement ideas that matter.
- Extensive opportunities for personal and professional development through our learning academies.
- A strong focus on employee well-being, inclusion, and best-in-class benefits.
