Security Engineer

Job Summary:

Security Engineer

Key Responsibilities:

• Design and enforce security controls across

  cloud (AWS)

  and

  on-premise

  environments.
• Configure and manage

  Sophos hardware firewalls

  for network protection and segmentation.
• Secure and monitor

  web traffic, APIs, and DNS

  via

  Cloudflare WAF, rate limiting, and bot management

  .
• Implement and maintain

  IAM policies

  ,

  S3 encryption

  ,

  VPC configurations

  , and

  MFA

  in AWS.
• Harden servers running

  Windows and Ubuntu

  , applying regular patches and security baselines.
• Conduct security reviews for

  ELK and SQL databases

  , focusing on access control, backups, and encryption.
• Develop and automate

  audit logging, intrusion detection

  , and

  real-time alerting

  across systems.
• Integrate security into

  CI/CD pipelines

  using GitHub Actions, Terraform, etc.
• Work closely with DevOps and engineering teams to conduct

  threat modeling

  and risk assessments.
• Respond to

  security incidents

  , perform root cause analysis, and lead

  remediation efforts

  .
• Ensure compliance with

  ISO 27001

  ,

  GDPR

  , and internal data protection policies.

Required Skills & Tools:

• Strong hands-on experience with

  AWS Security best practices

  (IAM, KMS, CloudTrail, GuardDuty).
• Knowledge of

  Cloudflare features

  like WAF, DNSSEC, SSL, Zero Trust, and traffic routing.
• Proficiency in managing

  Windows Server

  and

  Linux (Ubuntu)

  security configurations.
• Practical knowledge of

  Sophos firewall

  policies, VPNs, and IPS.
• Experience with

  ELK Stack security

  (user authentication, RBAC, log masking) and

  SQL database hardening

  .
• Familiarity with

  log aggregation, SIEM tools

  , and

  endpoint security solutions

  .
• Ability to automate tasks with

  Python, Bash

  , or PowerShell.
• Good understanding of

  network protocols, port scanning

  , and

  packet inspection

  .
• Experience in

  penetration

  and

  brute force testing

  , with ability to guide teams.

Preferred Qualifications:

• Certifications:

  AWS Security Specialty, CEH, CISSP, CISM, OSCP

  .
• Experience working with

  hybrid environments

  (cloud + on-premise).
• Exposure to

  compliance standards

  like SOC 2, GDPR, ISO 27001.
• Familiarity with

  DevSecOps pipelines

  , vulnerability scanning, and

  configuration drift detection

  .