Security Engineer

Key responsibilities

· Ability to develop, design secure solutions and produce a Security Design documenting the controls.

· The ability to deconstruct a solution / network architecture.

· Ability to identify and mitigate against threats and vulnerabilities associated with proposed solutions and evaluate the soundness of solutions using industry standard practices (e.g., STRIDE, MITRE).

· Demonstrate the ability to interpret threats into Risks, using your knowledge and experience to assist the business in assessing likelihood and impact.

· Effectively communicate technical concepts to both technical and non-technical collaborators.

· Skills to produce and articulate Security Designs to all collaborators within the project and business.

· Comfortable weighing the risks and benefits of competing Security design options. · Comfortable working on multiple challenging projects simultaneously

Key skills

• Designing and implementing security solutions to support meeting industrial and security frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
• Proven experience in risk assessment, threat modelling and implementing security controls.
• Expertise in managing user identities and securing access to systems.
• Knowledge of encryption, hashing, and tokenization techniques for data privacy.
• Understanding secure software development lifecycles (SDLC) and integrating security into CI/CD pipelines.
• Proficient in network protocols, perimeter security to protect infrastructures and applications.
• Certifications in Security Management such as CISSP / CISM / CCSP or equivalent.
• Certifications in technical Security domains such as CEH / OSCP or equivalent.
• Experience of Public and or Private cloud environments. Experience with multi-cloud security environments (GCP, AWS and Azure).
• Proven experience managing multiple high priority security projects simultaneously.