Cyber Safety and Security Engineer - Hybrid - Contract

Company: executiveplacements.com
Location: Randburg, Gauteng, 2196, South Africa
Pay: R700 - 740 per hour
Posted: May 17, 2024

Description:

Our client, a global tech firm, is seeking a Cyber Safety and Security Engineer to join their team in Rosebank (2 days onsite and 3 days work from home) on a contract basis. They offer stability, growth and a great working environment.

The Manager, Security Platform Engineering is a seasoned managerial role that forms part of the Global Cybersecurity Incident Response Team (CSIRT). The role is responsible for providing operational management and support to a team of CSIRT Security Platform Engineers who are accountable for detecting and monitoring escalated threats and suspicious activity affecting the technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).

This role works closely with cross-functional teams and learns about new security tools and technologies that are being onboarded. This role also learns about the administration, monitoring and maintenance of the security tools and technologies.

The Manager, Security Platform Engineering is a people management role, accountable for fostering a collaborative and innovative team culture focused on achieving operational excellence.

Key Roles and Responsibilities:

Analyze information to identify security control and/or capability gaps that impact the organization's security posture

Provide advice and consultancy to internal customers on application and infrastructure threats and vulnerability remediation

Consume and prioritize vulnerability results; provide remediation guidance and help eliminate false positives.

Attend design and application architectural reviews and actively lead the discussions from a security standpoint

Create formal written documentation of findings and recommendations to address vulnerabilities; assist development teams with writing patches for discovered vulnerabilities; assist security, server management, desktop, private/public cloud and application development teams with identifying and remediating vulnerabilities

Enhance the current controls and oversight of the various compute environments (private/public cloud, IaaS, PaaS and SaaS), reviewing configuration and designs and documenting improvements when necessary.

Expand the use of automation in securing the environment and across multiple technology platforms.

Provide the interface between the local business unit and the global security team.

Knowledge, Skills and Attributes:

Strong analytical skills and cross-functional knowledge across multiple security platforms and other infrastructure disciplines

Deep knowledge of infrastructure security architectures, vulnerabilities and controls, including Active Directory, Azure Active Directory, Cloud IaaS/PaaS and network implementations.

Deep knowledge of application security vulnerabilities, testing techniques, and the OWASP framework. Experience in using security tools across different facets of infrastructure and applications (SIEM, EDR, Threat Hunting (scripting), Vulnerability Exploitation, IAM, PAM, etc.).

Skilled in security penetration testing covering the Microsoft Enterprise Environment (On-Premises and Cloud)

Skilled in the Microsoft Security Stack (Defender, Sentinel, Endpoint Management)

Skilled PowerShell & API Scripter (Python, C++, KQL will be advantageous)

Experience in penetration testing and/or simulating security events for controlled testing and validation of infrastructure and application environments

Able to articulate vulnerabilities, defects, technical controls and risks to the business in a manner that can be easily understood.

Experience with security frameworks such as NIST and IEC 62443

Strong investigation and postmortem analysis skills, with the expectation to discuss the root causes of an issue as they come up.

Solid project management skills.

Strong written and verbal communication skills. Good problem-solving skills.

Academic Qualifications and Certifications:

Degree or relevant qualification in IT/Computing

Relevant level of networking certifications such as CCNA

Relevant level of Security certifications

Required Experience:

Advanced experience in leading and managing Security teams

Advanced experience in security technologies (Firewall, IPS, IDS, Proxy, etc.)

Advanced experience in technical support to clients

Advanced experience in diagnosis and troubleshooting

Advanced experience providing remote support in Security Technologies

Advanced experience in SOC/CSIRT Operations

Advanced experience in handling security incidents end to end

Knowledge of networking, Linux and security concepts

Advanced experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, honeypots and other security tools

Knowledge of log collection mechanisms such as Syslog, log file, DB API

Knowledge of security architecture

Advanced experience in Security Engineering

Skills Summary

Information Security Compliance, Information Security Engineering, Information Security Incident Management, Information Security Management, Information Security Operations, People Management