Sybersecurity Engineer

Position Overview
The Cybersecurity Engineer is responsible for the design, implementation, and management of network security, and endpoint security as well as maintaining robust cybersecurity measures across the company's IT infrastructure. The Cybersecurity Engineer has to safeguard network resources, secure endpoints, and ensure infrastructure’s resilience against emerging threats. Working closely with IT and security teams, it will be needed to drive improvements in security posture, perform incident response, and contribute to continuous security enhancements. 

Key Responsibilities
1. Infrastructure Security:
 ● Design & Implementation: Develop and implement security measures to protect IT infrastructure, including servers and databases. 
● Security Monitoring & Incident Response: Monitor infrastructure for security events, investigate incidents, and respond to threats in real time. 
● Vulnerability Management: Conduct regular vulnerability assessments and risk analysis on infrastructure components; coordinate patch management and remediation strategies. 

2. Network Security: 
● Design Secure Network Architectures: Develop and maintain secure network designs, including firewalls, VPNs, and IDS/IPS to ensure confidentiality, integrity, and availability. 
● Network Traffic Monitoring: Monitor and analyze network traffic using intrusion detection systems (IDS/IPS) and other tools to detect and mitigate potential threats. 
● VPN Management: Configure and manage vpn to the organization’s infrastructure. 
● Firewall Management: Configure and manage firewalls and security policies across the organization’s network to enforce the principle of least privilege. 
● Incident Response: Respond to network security incidents, conduct root cause analysis, and coordinate remediation efforts with other teams.

3. Endpoint Security: 
● Endpoint Protection Deployment: Design, deploy, and manage endpoint security platforms such as EDR (Endpoint Detection and Response), antivirus, and anti-malware solutions. 
● Endpoint Monitoring & Response: Monitor endpoints for security alerts, respond to incidents, and implement necessary changes to improve endpoint security posture. 
● Automation & Process Improvement: Develop automation scripts (Python, Bash, PowerShell) to streamline endpoint security operations and improve response times. 
● Security Baselines & Policy Compliance: Implement and enforce endpoint security policies, ensuring compliance with organizational standards and regulatory requirements.

4. Cross-Functional Collaboration & Documentation: 
● Work closely with IT, DevOps, and application development teams to integrate security best practices across all operations. 
● Provide guidance and training to IT staff and end-users on security policies and procedures. 
● Maintain detailed documentation of security configurations, incidents, and procedures. Provide regular reports on security status, incidents, and trends. 

Required Skills & Qualifications
Technical Skills: 
● Familiarity with operating systems (Windows, macOS, Linux) - is a must, mobile platforms (iOS, Android) - would be a plus. 
● Proficiency with firewall technologies (e.g., Palo Alto, Cisco ASA, Fortinet), VPNs, IDS/IPS, network access control (NAC), and secure network architecture design. 
● Expertise in endpoint protection platforms (e.g., CrowdStrike, Carbon Black, Cortex XDR) and patch management solutions. 
● Strong scripting skills (Python, Bash, PowerShell) for security automation and process improvements. 
● Hands-on experience with SIEM tools (Splunk, QRadar, ELK) and log analysis for threat detection across infrastructure, network, and endpoint systems. - nice to have 
● Experience with vulnerability scanning tools (Nessus, Qualys) and penetration testing techniques - nice to have. 
● Experience with deploying, configuring and managing of Keycloak would be nice to have 

Soft Skills: 
● Strong analytical and troubleshooting skills to investigate and resolve security incidents. 
● Excellent written and verbal communication skills for technical reporting and collaboration. 
● Ability to work effectively both independently and within cross-functional teams. 

Experience: 
● 5+ years of experience in cybersecurity engineering, with a focus on infrastructure security, network security, and endpoint security. 
● Hands-on experience with security platforms and tools such as EDR, firewalls, SIEM, vulnerability scanners, and automation scripting.