Job Title
Security Engineer
Job Summary
The Security Engineer position presents an exciting opportunity for an information security professional to research, evaluate and implement new security products and tools. The role would also provide recommendations on improving the effectiveness of implemented products and the overall security posture of the organization. The ideal candidate would have 6-8 years of strong hands-on experience evaluating, engineering, implementing and managing security solutions in large and complex environments.
Job Responsibilities
Assess the effectiveness of current security controls and the gaps in their implementation or operation
Research and evaluate security solutions in the market against internal requirements and security standards, and provide assessments of added benefits the organization will realize when a new security solution is introduced
Create RFIs and RFPs based on requirements and work with vendors to ensure timely responses
Conduct Proof-of-Concept (POC) exercises and security evaluations for identified solutions
Liaise with vendors to ensure solutions are evaluated and implemented within project timelines
Lead the implementation of new security solutions and provide recommendations on how best to integrate them into the existing IT environment
Work with domain engineers to implement security solutions and provide configuration specifications and best practices
Ensure security solutions are engineered and implemented appropriately to derive maximum value and return on investment
Develop evaluation reports, design documents and operational procedures/manuals for security solutions
Experience / Skills
Strong technical skills and hands-on experience implementing and managing security solutions
Ability to translate security requirements to engineering specifications
Experience with preparing RFIs and RFPs
Experience with conducting proof-of-concept exercises and evaluations of security products/tools
Experience with managing vendors to ensure quality and timely delivery
Understanding of Windows and Linux operating system internals
Understanding of cryptography and Public Key Infrastructure (PKI) concepts
Familiarity with scripting and scripting tools (Python, PowerShell, Bash, etc.)
Strong, hands-on experience with four or more of the following:
Cloud security solutions (Cloud Access Security Brokers, Cloud Security Posture Management, etc.)
DevSecOps tools (Security testing tools, Container security, etc.)
Identity & Access Management solutions (Single Sign On, Privileged Access Management, Multi Factor Authentication, etc.)
Network security solutions (Firewalls, IPS, Network Access Control, Web Application Firewall, Secure Web Gateways, Secure Email Gateways, etc.)
Data security solutions (Encryption, Information Rights Management, Data Loss Prevention, etc.)
Endpoint security solutions (Anti-Virus, Endpoint Detection & Response, etc.)
Security analytics solutions (Security Information & Event Management, User & Entity Behavior Analytics, etc.)
Industry certifications are a plus, but not as important as past (and recent) experience in the above mentioned areas and responsibilities. Some of the preferred certifications include CISSP, CCSP, CEH, OSCP or vendor certifications from Microsoft, AWS, VMWare or Cisco.
Candidates from local UAE offices will be given preference.