We are seeking a highly skilled Security Engineer to design, build and optimise our security platform and controls across on‑prem and cloud. Partnering with SOC/incident response, IT/DevOps and business teams, you will strengthen SIEM analytics, EDR policy and response, identity and access (IAM) controls, and security logging/retention to accelerate detection, containment and risk‑based decision making. (This role includes core traditional security engineer responsibilities.)
Key Responsibilities
Endpoint & Detection Operations
- Operate and fine-tune EDR, ensuring high visibility and timely response to detections.
- Investigate alerts, triage incidents, and coordinate remediation with IT and engineering teams.
- Develop and maintain detection rules, response playbooks, and operational dashboards.
Vulnerability & Exposure Management
- Run regular vulnerability scans across endpoints, servers, and cloud workloads.
- Prioritise findings based on exploitability and asset criticality.
- Work with system owners to track remediation progress and verify fixes.
Cloud Security (AWS Focus)
- Review and improve AWS configurations using AWS tools or CNAPP / CSPM monitoring tools (e.g., Wiz, Orca)
- Support secure architecture and IaC practices (Terraform, CloudFormation) with dev teams.
- Automate checks and alerting for misconfigurations and policy violations.
Secure Development & DevSecOps (Nice to Have)
- Support developers on secure coding practices and pipeline integration (e.g., Snyk).
- Review secrets management, API credential handling, and CI/CD pipeline security.
Identity & Access Control
- Implement and maintain least privilege and MFA policies across systems.
- Assist with SSO/SCIM integrations (e.g., Entra ID, 1Password, Cloudflare Zero Trust).
Collaboration & Continuous Improvement
- Work alongside IT Operations and Cloud teams to deploy, harden, and monitor security tools.
- Participate in incident response exercises, phishing simulations, and post-incident reviews.
- Contribute to process documentation and internal knowledge base (e.g., runbooks, playbooks).
Requirements
- 4–6 years of hands-on security experience, ideally in endpoint protection, cloud security, or vulnerability management.
- Strong working knowledge of AWS security services, IAM, and network fundamentals.
- Practical experience with EDR tools (CrowdStrike, Defender, etc.) and vulnerability scanners (Qualys, Tenable, etc.).
- Solid understanding of incident response, detection engineering, and access control principles.
- Exposure to security frameworks (ISO 27001, SOC 2, NIST) is a plus, but not mandatory.
- Clear communicator who can explain security findings to both technical and non-technical teams.
Benefits
- Hybrid working arrangement - 2 Days of remote work per week
- Opportunities for enriching career growth, including exposure to regional contexts
- Complimentary snacks and beverages available in the office pantry
- Healthcare coverage (medical, dental, optical), gym benefits
- Flexibility in smart casual dress code
- Young, vibrant and open work culture