Senior Information Security Engineer - SOC

About the Role:

As a Information Security Officer, you'll join growing Global Corporate Security Office diverse international team bridging divisions, central services, and global entities. Ideal for career changers or early cybersecurity enthusiasts, this role offers a hands-on learning experience with room to grow.

What Youll Do:

• Develop, review, and maintain security policies and procedures; produce documentation and guidelines to foster organizational security awareness.
• Support or manage internal frameworks and audits related to ISMS (ISO 27001), QMS (ISO 9001), and SOC2.
• Handle security incidents end-to-end, from detection to resolution and post-incident analysis.
• Contribute to security-focused projects: define requirements, assess risks & mitigations, and monitor adherence to securitybydesign principles.
• Advise on secure product design and development to uphold privacy and regulatory standards.
• Build team security maturity: assess current competencies, identify gaps, propose improvements, and drive training initiatives.
• Serve as a liaison for a designated Cegeka Group entity, addressing security/compliance queries and verifying conformance with baseline standards.
• Support corporate security office in validating compliance across group entities (CSAF/minimum security standards).
• Maintain the corporate security risk register: identify, document, and track organizational risks.
• Seek and participate in ongoing training to strengthen security expertise; provide feedback and suggest enhancements to existing processes.

Technical Exposure:

• SIEM/SOAR

  : Hands-on experience with

  Splunk

  or equivalent tools.

• EDR

  : Familiarity with

  CrowdStrike

  endpoint protection.

• Vulnerability Management

  : Using tools like

  Microsoft Intune

  .

• Network Security

  : Understanding of

  firewalls (e.g., FortiGate)

  and other perimeter controls.

• Application Security (AppSec)

  : Secure coding practices, code reviews, and application threat modeling.

• SDLC Security

  : Integration of security controls into development lifecycles.

• AI Risk Awareness

  : Understanding risks associated with AI models and data privacy.

• Enterprise Risk Management

  : Experience in identifying, analyzing, and mitigating enterprise-level security risks.

• Threat Intelligence

  : Ability to analyze threat reports and integrate actionable intelligence into security posture.

Requirements:

• Bachelors or masters degree in a relevant field or equivalent practical experience.
• Excellent communication capabilities with both technical and business stakeholders (e.g., CISO, IT, engineering).
• Familiarity with frameworks like NIST or ISO 27001.
• CISSP and/or CISM certifications.
• Fluent in English (verbal and written)