Security Engineer

About The Position

Requirements

• Experienced security professional with a strong background in networking, infrastructure, and security, ideally gained in organizations of various sizes and through working in multiple roles with diverse technologies and products.
• Understanding of core principles of how modern infrastructure technologies operate (such as virtualization of computing and networking, containers, cloud computing, SaaS, PaaS etc) and the security aspects of these technologies
• Solid understanding of the operation of LAN/WAN IP-based networks (TCP/IP, routing/switching, VLANs, NAT, DNS, DHCP)
• Understanding of principles of applied cryptography - symmetric/asymmetric encryption, hashing, SSL/TLS, SSH, PKI, IPSec, site-to-site/remote access VPN, disk encryption, HSM
• Understanding of attack vectors against modern enterprises: phishing, ransomware, malware, DoS/DDoS, drive-by, MITM, various type of injection (i.e. SQL), cross-site scripting, etc.; methods of defense from these attacks
• Knowledge of common security principles, concepts, and methods (authentication, authorization, single sign-on, network segregation, DMZ, Zero Trust, defense-in-depth, penetration testing, sandboxing etc.)
• Ability and desire to code, script and automate in order to improve own and team's operational efficiency
• Understanding of aspects of application delivery in principle and firewalling/load balancing in particular
• Understanding of HTTP operation and associated concepts (its methods, cookies, sessions, caching, CDNs, HTTP-based applications and protocols etc)
• Understanding of principles of operation of NextGen/L7 firewalls and experience with one of the market-leading vendors
• Practical knowledge of Windows (including AD) and Linux
• Knowledge of SSL/TLS traffic handling and encrypt/decrypt policies.
• Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
• Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
• Ability to present ideas in a user-friendly, business-friendly and technical language
• Strategic self-starter with an innovative mindset and outstanding attention to detail

Responsibilities

• Design, implement, and manage network security solutions, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC).
• Analyze network traffic for potential security threats and vulnerabilities.
• Develop and enforce network security policies, procedures, and standards.
• Configure and manage secure email gateways to protect against phishing, spam, malware, and other email-based threats.
• Implement and maintain email encryption protocols.
• Conduct regular security assessments and audits of email systems.
• Deploy and manage endpoint security solutions, including antivirus, antimalware, EDR (Endpoint Detection and Response), and DLP (Data Loss Prevention) tools.
• Ensure endpoint devices are compliant with security policies and have the latest security patches and updates.
• Respond to and mitigate endpoint security incidents.
• Develop and manage vulnerability management programs, including regular scanning, assessment, and remediation.
• Collaborate with IT teams to prioritize and address vulnerabilities based on risk and impact.
• Track and report on the status of vulnerability remediation efforts.
• Implement and manage security controls across various cloud platforms (e.g., AWS, Google Cloud, Microsoft Azure).
• Ensure the security of cloud-based infrastructure, applications, and services.