Job Description
Job Summary

We are seeking an experienced and highly motivated Senior Security Engineer to lead the design, implementation, and management of our organization’s security infrastructure. This role will focus on proactively protecting systems, networks, and applications from internal and external threats while ensuring compliance with industry regulations and best practices. The ideal candidate will possess a strong technical background, excellent problem-solving skills, and the ability to communicate effectively across departments.

Key Responsibilities

Security Architecture & Engineering
· Design, implement, and maintain security solutions including firewalls, SIEM, EDR, DLP, VPNs, IDS/IPS, and zero trust architecture.
· Provide technical expertise on encryption, authentication, cloud security, and secure network design.
· Conduct threat modeling and develop mitigation strategies for on-prem, cloud, and hybrid environments.

Monitoring & Incident Response
· Lead incident response efforts including triage, investigation, containment, eradication, and lessons learned.
· Maintain and tune threat detection systems (SIEM, EDR) to ensure actionable alerts and timely response.
· Conduct root cause analysis on security incidents and develop playbooks for repeatable, automated response.

Vulnerability & Risk Management
· Perform regular vulnerability assessments and penetration tests; track remediation and provide executive-level reporting.
· Conduct risk assessments and support audit activities (HIPAA, PCI-DSS, NIST, ISO 27001).
· Work with DevOps/IT to validate secure configurations, patch management, and system hardening.

Governance, Compliance & Training
· Develop and enforce security policies, procedures, and standards aligned to industry frameworks.
· Support compliance efforts across internal stakeholders and external auditors.
· Deliver security awareness and secure coding training to engineering and business teams.

Cross-Functional Collaboration
· Partner with IT, Legal, HR, and business units to align security initiatives with organizational goals.
· Participate in software development lifecycle (SDLC) and CI/CD pipeline reviews to ensure security-by-design.
· Advise procurement teams on security requirements for third-party vendors and SaaS solutions.

Qualifications

Required
· Bachelor’s degree in Computer Science, Information Security, or related field—or equivalent experience.
· Minimum 5–8 years in cybersecurity, with at least 2 years in a senior-level role.
· Strong understanding of networking, system administration (Windows/Linux), and cloud environments (Azure, AWS, or GCP).
· Deep knowledge of industry standards: NIST, CIS, MITRE ATT&CK, OWASP, ISO 27001.
· Hands-on experience with security platforms: SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Defender), and vulnerability scanners (e.g., Tenable, Qualys).

Preferred
· Certifications: CISSP, OSCP, GIAC (GSEC/GCIH/GCIA), CISM, or relevant cloud security certifications.
· Experience in regulated industries such as healthcare, finance, or government.
· Familiarity with Kubernetes, containers, Terraform/IaC, and DevSecOps practices.