The Sr. Security engineer is responsible for providing expert guidance in designing, implementing, and reviewing security architectures across a wide range of technologies and environments. This role involves developing secure solutions for applications, infrastructure, and network environments, including Web Application Firewalls, IPS, Database Activity Monitoring (DAM), Privileged Access Management (PAM), Network Access Control (NAC), Mobile Device Management (MDM), Secure Remote Access, and Patch Management. A key focus will be on applying Zero Trust Architecture principles and integrating supporting technologies to maintain robust security standards.
Security Architecture and Engineering:
- Develop security architecture blueprints for new and existing systems, ensuring alignment with the organization's overall security strategy
- Design and implement secure solutions that cover Web Application Firewalls (WAF), Intrusion Prevention Systems (IPS), Database Activity Monitoring (DAM), Privileged Access Management (PAM), Network Access Control (NAC), Mobile device management (MDM). and Secure Remote Access
- Integrate DDoS prevention, ransomware protection, and other threat mitigation strategies into design frameworks
- Oversee the deployment of security architectures, ensuring smooth implementation and minimizing disruption to operations
- Collaborate with other IT and security teams to ensure the correct configuration of security technologies like IPS, PAM, and Endpoint Security solutions
- Conduct at least quarterly reviews and updates of existing security designs to incorporate the latest threat intelligence and security trends
- Ensure all designs are compliant with internal and external security standards, including ISO 27001, NIST, GDPR, and other relevant regulations
Implementing zero trust architecture and framework:
- Develop and communicate a Zero Trust Architecture roadmap, covering phased implementation across applications, infrastructure, and network layers
- Conduct security posture assessments to identify vulnerabilities, gaps, and areas for Zero Trust integration
- Design and implement robust authentication and authorization protocols (e.g., MFA, SSO) to enforce least privilege and verify every access attempt
- Apply micro-segmentation strategies to control and limit lateral movement within the network
- Implement and manage continuous monitoring and anomaly detection to identify, isolate, and respond to suspicious activities in real-time
- Collaborate with IT and DevOps teams to integrate ZTA in new and existing systems without compromising performance
- Educate stakeholders and train IT staff on Zero Trust principles and specific security controls
- Maintain and update the Zero Trust model as security threats evolve and new solutions are introduced
- Reduce mean time to detect (MTTD) and mean time to respond (MTTR) to threats by 30% within the Zero Trust environment
Requirements
- Bachelor of Science in Computer Science, Cybersecurity, or a related field
- Minimum 5 - 7 years of experience application security or a related field
- Relevant certifications (e.g., CISSP, TOGAF, AWS Security / Azure Security AZ500) are highly desirable