Job Openings Security Engineer

About the job Security Engineer

Key Responsibilities

Cybersecurity Management (40%)

  • Develop and maintain security standards and processes to support compliance requirements.
  • Oversee cybersecurity operations and ensure alignment with internal policies and external regulations.

  • Review product designs and system changes to identify and resolve security gaps.

  • Prepare and manage audit readiness for frameworks such as SOC2 Type 2 and HiTrust.
  • Define strategy for cybersecurity audits from development, operations, and security perspectives.
  • Manage security tooling, implement vulnerability scanning and penetration testing cycles, and ensure remediation of issues.

  • Produce compliance and audit documentation for clients and regulators.

Infrastructure Security (30%)

  • Plan, deploy, and maintain IT systems and cloud infrastructure with a security-first approach.
  • Detect and prevent vulnerabilities across networks, cloud environments, and applications.
  • Define secure hardware and software standards in collaboration with stakeholders.
  • Support disaster recovery and crisis management processes, ensuring business continuity.
  • Work with IT and DevOps teams to optimise vendor solutions and enforce security baselines.

Risk & Compliance (20%)

  • Collaborate with leadership to centralise risk management and implement mitigation strategies.
  • Automate security controls and support compliance across development lifecycles.
  • Conduct regular reviews of security policies, processes, and infrastructure configurations.

  • Address and remediate risks identified during audits or security reviews.

  • Document risks, processes, and outcomes in line with compliance frameworks.

Documentation & Quality Management (10%)

  • Maintain a cybersecurity roadmap and audit calendar.

  • Oversee documentation of penetration tests, vulnerability scans, and remediation plans.

  • Ensure records are updated and accessible for audits and client requests.

  • Maintain centralised documentation for system architecture, assets, and vulnerabilities.

Requirements

Education

  • Bachelors degree in Computer Science, Software Engineering, or related discipline (essential).

  • Professional security certifications desirable: OSCP, PNPT, CISSP, CCSP.

Experience

  • Minimum 5 years in software/technology environments.

  • At least 3 years focused on cybersecurity.

  • Hands-on experience with AWS (Well Architected Framework, GuardDuty, IAM, ECS/EKS, etc.).
  • Proven record in penetration testing, vulnerability scanning, incident response, and security design.

Skills & Knowledge

  • Strong understanding of automation, security engineering, and architecture design principles.

  • Proficiency with observability tools (logging, monitoring, performance tracking).

  • Administration of Linux/Windows environments, networking, and distributed computing.
  • Knowledge of firewalls, intrusion detection/prevention, SOAR, EDR, and threat hunting.

  • Familiarity with containerisation and orchestration (Docker, Kubernetes, ECS).


Or refer someone