Job Description

Security Engineer Palo Alto | CrowdStrike | Qualys | CyberArk

1. JOB OVERVIEW

Job Title: Vulnerability Management Engineer Department: Information Security Function: Cybersecurity Reports To: Head of Information Security

2. JOB SUMMARY

The Security Engineer is responsible for identifying, assessing, prioritizing, and remediating security vulnerabilities across the organization's infrastructure. The role operates enterprise-grade vulnerability management platforms (Tenable and Qualys), integrates with SIEM solutions such as Splunk, and works closely with SOC, IT Infrastructure, and risk teams to maintain a strong security posture.

3. TASKS & RESPONSIBILITIES

Vulnerability Management

• Design, deploy, and manage enterprise vulnerability scanning programmes using Tenable (Nessus / Tenable.io / Tenable.sc) and Qualys (VMDR / Cloud Agent).
• Perform regular authenticated and unauthenticated vulnerability assessments across on-premises, cloud (GCP, AWS, Azure), and hybrid environments.
• Prioritise vulnerabilities using CVSS scoring, threat intelligence feeds, and business-criticality context.
• Track remediation progress, produce trend reports, and present findings to technical and non-technical stakeholders.

SIEM & Security Monitoring

• Integrate vulnerability scan data into Splunk (or equivalent SIEM) for correlated alerting and dashboarding.
• Monitor and analyse security logs, events, and alerts to detect indicators of compromise and respond in a timely manner.
• Build and maintain SIEM use-case content (correlation rules, dashboards, and reports) aligned to MITRE ATT&CK.

Security Operations

• Design, implement, and maintain secure systems and networks including firewalls, IDS/IPS, NGAV/XDR/NDR, and deception solutions.
• Implement and manage IAM and PAM solutions in cooperation with application owners and IT teams.
• Implement and manage Data Loss Prevention (DLP) and Web Proxy solutions.
• Conduct security audits and compliance assessments (PCI-DSS, NIA, and other applicable frameworks).
• Participate in incident response activities including investigation, containment, and recovery.

Collaboration & Enablement

• Collaborate with cross-functional teams to embed security requirements into system and network design.
• Provide technical guidance to IT and network engineering teams on effective security control implementation.
• Conduct knowledge transfer sessions and produce documentation to upskill internal teams.

4. JOB REQUIREMENTS

Academic & Professional Qualifications

• Bachelor's degree in Computer Science, Information Systems, Engineering, or equivalent.
• Relevant security certifications: CISSP, CISM, CEH, or equivalent.
• ITIL v3 Foundation (desirable).

Experience

• 3–4 years of hands-on experience in information security or a similar field.
• Minimum 2 years of direct, hands-on experience with Tenable AND/OR Qualys vulnerability management platforms.
• Experience with SIEM platforms — Splunk strongly preferred; Azure Sentinel or QRadar considered.

Technical Skills — Must Have

• Proficiency in vulnerability management tools: Tenable (Nessus / Tenable.io / Tenable.sc) and/or Qualys (VMDR).
• Experience with SIEM technologies (Splunk preferred) for log analysis, correlation, and dashboarding.
• Hands-on experience with endpoint security tools: NGAV, XDR, NDR, and deception solutions.
• Technical experience with firewalls, IDS/IPS, IAM/PAM, DLP, and Web Proxy solutions.
• Strong understanding of networking: TCP/IP, VLANs, VPNs, routing/switching.
• Familiarity with compliance frameworks: PCI-DSS, NIA, and industry security best practices.

Soft Skills

• Strong analytical thinking and structured, documentation-driven mindset.
• Excellent communication skills — ability to convey complex security concepts to non-technical audiences.
• Ability to work independently, manage multiple priorities, and meet deadlines.

5. COMMUNICATIONS & WORKING RELATIONSHIPS

Internal: SOC (Tier 1, 2, 3 Analysts), IT Infrastructure & Network Engineering, Information Governance & Risk, Service Design & Service Operations

External: Clients, Technology Vendors (Tenable, Qualys, Splunk), Security Partners & MSSPs

6. HEALTH, SECURITY, SAFETY AND ENVIRONMENT

Ensure compliance with all relevant health, security, safety and environmental management policies, procedures and controls within own area, monitoring, reviewing, and evaluating on a continuous basis to guarantee employee safety, legislative compliance, delivery of high-quality service, and a responsible environmental attitude.