Senior Security Engineer

Role Purpose:

Responsibilities:

• Lead and manage complex security incidents, including investigation, containment, eradication, and recovery.
• Conduct forensic analysis for both cloud-based and on-premise environments using industry-standard tools and best practices.
• Manage and fine-tune security platforms, including SIEM (Microsoft Sentinel), EDR (Microsoft Defender for Endpoint), DLP, and CNAPP (Wiz, Prisma Cloud).
• Oversee the complete vulnerability management lifecycle using tools such as Rapid7, Microsoft Defender, and Tenable.
• Act as a Subject Matter Expert (SME) across security domains, including endpoint protection, cloud security, IAM, and PAM.
• Implement and enforce security hardening, configuration baselines, and compliance policies across Windows and Linux systems.
• Automate repetitive security operations tasks using scripting languages such as PowerShell and Bash.
• Collaborate cross-functionally with IT, DevOps, and Compliance teams to align on security best practices and governance.
• Maintain clear and detailed documentation of incidents, workflows, response playbooks, and security improvements.
• Contribute to the development of the Security Operations Centre (SOC), including processes, tools, and team maturity.
• Support implementation of key Information Security projects and contribute to the future Target Operating Model for the function.
• Provide mentorship to junior security analysts and engineers to foster a strong learning culture within the team.

Skills & Experience:

• Minimum 7+ years of experience in information security, preferably in SOC, incident response, or security engineering roles.
• Advanced knowledge of both Windows (AD, DNS) and Linux operating systems, with proven hands-on hardening and configuration experience.
• Strong experience in threat detection, incident handling, and forensic investigation.
• Expertise in managing and optimizing Microsoft Sentinel (SIEM), Microsoft Defender (EDR), Wiz/Prisma (CNAPP), and DLP solutions.
• Proficient in scripting languagesPowerShell and Bashto support automation and tooling for security operations.
• Solid understanding of cloud-native security practices, preferably within Microsoft Azure environments.
• Experience with Identity & Access Management (IAM) and Privileged Access Management (PAM) tools such as Azure PIM and CyberArk.
• Strong documentation, reporting, and communication skills with the ability to work effectively in a team-oriented environment.
• Demonstrated ability to manage high-volume workloads and prioritize effectively in a dynamic, high-pressure environment.

Preferred Certifications (Optional but a Plus):

• GIAC (GCIA, GCIH, GCFA)
• Microsoft SC Series (SC-200, SC-300, SC-400)
• Azure Security Engineer Associate (AZ-500)
• OSCP, CEH, CISSP