Cyber Security Engineer Job Description Template
Our company is looking for a Cyber Security Engineer to join our team.
Responsibilities:
- Mentor the IT team to drive security improvements;
- Ensure internal processes are followed;
- Provide ongoing support to existing monitoring capabilities and data collection systems;
- Maintain asset management systems for all IT and mobile device assets;
- Ensure that all tickets passed to the internal systems team are responded to within pre-set service levels;
- Perform investigations and analysis of security breaches / non-compliance and 3rd parties in line with legislative and industry best practice;
- Aid in gathering metrics for measuring security value, gaps, performance and risks;
- Promote security awareness, corporate learning and continual improvement across the business, leading to a security-aware culture which reduces risk;
- Develop advanced alerts/reports to meet the requirements of key stakeholders;
- Develop automation for security tools management and workflow integration;
- Play an active role within the IT team, remaining flexible to support others during busy periods;
- Create and implement custom alerting dashboards in SIEM for investigations;
- Ensure security testing plans, with regular audits, are in place for all systems including our cloud ITSM and other SaaS applications;
- Plan, configure, tune and maintain security solutions such as WAF, Cloud, Container and IPS/IDS;
- Identify relevant problem types and associated priorities.
Requirements:
- Able to influence at engineering, architecture, strategic and leadership levels;
- Must have an understanding of OWASP, documentation and artefacts;
- Familiarity with common attack techniques and their remediation/defence including DoS, DDoS, Social engineering, Virus, Malware, Vulnerability exploitation, Phishing & Spear Phishing, Worms, Trojans, Rootkits, Ransomware, XSS, SQL Injection, Remote Command Execution, Session Hijacking, etc;
- Security, compliance and regulatory experience in a public cloud environment;
- Good understanding of agile methodologies;
- Experience planning, researching and developing security policies, standards and procedures;
- Solid understanding of security protocols, cryptography, authentication, authorisation and network security implementations;
- Experience with anti-virus software, intrusion detection, firewalls and content filtering;
- Good knowledge of cryptography and public key infrastructure;
- General awareness and interest in IT security;
- Experience in supporting an Endpoint Protection suite;
- Experience in supporting an email security platform, ideally Mimecast;
- Experience in supporting Microsoft security solutions;
- Understanding of various IT security protections such as AV, IPS, DLP, Sandboxing.