Senior Security Engineer

Experience : 8-15 Years

Preferred Qualifications :

• Accountable for design, development, implementation of Security controls for cloud-based solutions.
• Support Security Operations functions and Serve as primary contact for information security incidents investigation, coordinate incident response and reporting.
• Responsible for internal / external audit and information security assessments by client
• Support Development of policies, standards, processes and procedures guidelines and other related documentation for Security Monitoring.
• Lead security controls implementation to comply with regulations and policies and relevant frameworks / standards such as ISO27001, NIST, ITSG-33.
• Monitor and manage security dashboards in Azure Sentinel / Azure Security Center / Office 365, customize dashboards and reports, produce metrics per client needs.
• Monitor health of Security solutions such as Firewall, Intrusion prevention Systems, Identity management, Endpoint Security, etc.

for cloud based and on-premise systems.

• Work with Business and IT Tier2 / Tier3 Support engineers and / or vendor’s / partner technology teams to resolve issues
• The ability and flexibility to work in shifts when necessary, Prepare Shift turnover and Shift Report to ensure continuous smooth
• Support pre-sales activity for new initiatives and potential opportunities.
• Guide junior Security operations teams in incident response and SOC functions.
• Has minimum of 4 years of experience working with Information Security Engineer or Incident Management / Security Operations roles.
• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc in cloud environments.
• Subject matter level expert knowledge of common information security management frameworks, such as NIST / ISO / COBIT
• Good Understanding of networking protocols such as IPVPN, TCP / IP, UDP, IPSec, DNS, NTP, Firewalls, ACLs
• Knowledge of malware operation and indicators, threat landscape (threat actors, APT, cyber-crime, etc.)
• Experience in the producing threat & risk assessment reports.
• Experience in the delivery of IT Security awareness and training
• Protocol analysis experience using tools such as Wireshark, Gigastor, Netwitness, etc.
• Experience with SIEM tools and platforms such as : Splunk, Azure Sentinel
• Good understanding of computer forensic techniques and methodologies.
• Strong understanding of ITSG-33 requirements and Government of Canada Security Assessment process
• Experience with security assessments and authorization (SA&A) activities for IT systems.
• Proven interpersonal and collaborative skills, with the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels.

Certifications :

• SANS : GCIH, GCFA
• Certified Ethical Hacker (CEH)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)

Cloud-specific security certifications in Azure or AWS.