We are seeking a highly skilled and experienced Security Engineer to join our team. As a Security Engineer, you will be responsible for performing a range of essential tasks to ensure the security and integrity of our organization's vital data. Your primary responsibilities will include conducting penetration tests, vulnerability assessments, and security analyses. Additionally, you will be expected to train our staff on secure coding practices, perform red team exercises, and document any security breaches and the resulting damage.
**Key Responsibilities**:
Conduct penetration tests and vulnerability assessments to identify potential security weaknesses.
Train staff in secure coding practices to promote a culture of cybersecurity awareness.
Perform red team exercises to simulate real-world cyberattacks and assess our organization's defenses.
Analyze security issues thoroughly to identify the root cause and suggest appropriate solutions.
Install and configure essential software such as firewalls and data encryption programs to safeguard our organization's vital data.
Stay up-to-date with the latest security trends and technologies to ensure our systems are protected against emerging threats.
Prepare detailed documentation of security breaches and the resulting damage for reporting and analysis purposes.
Collaborate with management and IT staff to suggest security enhancement methods and implement both internal and external security audits.
Verify whether third-party vendors meet our security requirements to ensure the integrity of our systems and data.
Provide guidance and support to amateur computer users seeking information on security procedures.
Research and evaluate the newest security technologies to identify the best solutions for our organization.
Develop and implement a comprehensive disaster recovery plan, including data transfer and IT system restoration, to ensure business continuity during emergencies.
Bachelor's degree in Computer Science, Information Technology, or a related field.
Proven experience in conducting penetration tests, vulnerability assessments, and security analyses.
Strong knowledge of secure coding practices and the ability to train others effectively.
Familiarity with red team exercises and the ability to simulate real-world cyberattacks.
Proficiency in installing and configuring firewalls, data encryption programs, and other security software.
Up-to-date knowledge of the latest security trends, threats, and technologies.
Excellent analytical and problem-solving skills to identify and address security issues.
Strong communication and documentation skills to report on security breaches and suggest enhancements.
Experience in implementing internal and external security audits.
Ability to work collaboratively with management, IT staff, and third-party vendors.
Experienced in managing and supporting cloud-based WAF, anti DDoS systems, and security monitoring tools (SIEM, Log Management, etc.)
Strong understanding of disaster recovery planning and implementation.
Relevant certifications such as Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP) are highly desirable.