Security Engineer

Job Purpose:

The Security Engineer is responsible for safeguarding both cloud and on-premises infrastructures by designing, implementing, and maintaining security controls that protect company assets, systems, and data. This role plays a key part in vulnerability management, incident response, and security monitoring — ensuring compliance with internal and international standards.

The Security Engineer also supports threat intelligence, DLP operations, VAPT initiatives, and automation of security workflows across hybrid environments.

Responsibilities:

Security Architecture & Implementation

• Design and maintain secure architectures for AWS and on-premises environments, implementing security groups, IAM policies, GuardDuty, Security Hub, and WAF configurations.

• Integrate CDN and WAF providers such as Cloudflare, EdgeNext, and CDNetworks for DDoS mitigation, bot management, and web-application protection.

• Work closely with Network and Systems teams to implement secure routing, VPN (Connexa, OpenVPN), and firewall policies (Juniper, Cisco ASA).

• Enforce Zero-Trust and least-privilege principles across all systems and cloud workloads. Threat Intelligence & Monitoring

• Operate and maintain OpenCTI (Open Cyber Threat Intelligence) to collect, correlate, and analyze threat intelligence feeds and indicators of compromise (IOCs).

• Correlate OpenCTI data with SIEM logs and GuardDuty findings to improve detection capabilities.
• Contribute to the creation of actionable threat reports and share intelligence with incident response and SOC teams.

• Continuously assess new and emerging threats affecting the company's infrastructure and cloud footprint. Data Loss Prevention (DLP) & Compliance

• Manage and monitor Data Loss Prevention (DLP) alerts and workflows (e.g., Digital Guardian or Microsoft Purview DLP).

• Investigate, validate, and classify DLP alerts to ensure proper escalation of potential data leaks.

• Work with managers and department heads to validate incidents, document findings, and implement corrective actions.

• Ensure adherence to security standards and compliance frameworks (e.g., ISO 27001, NIST 800-53, GDPR).

• Develop and maintain incident validation and DLP record-keeping templates for audits and reporting

Vulnerability Assessment & Penetration Testing (VAPT)

• Plan, perform, and document Vulnerability Assessments and Penetration Tests across both on-premises and cloud systems.

• Coordinate remediation activities with Network, Systems, and DevOps teams to ensure timely patching of identified vulnerabilities.

• Use tools such as Nessus, OpenVAS, Metasploit, Burp Suite, and AWS Inspector to assess infrastructure and application security posture.

• Track vulnerabilities and mitigation status through centralized dashboards and weekly reports. Security Automation, Incident Response & Continuous Improvement

• Automate detection and response processes using Terraform, GitLab pipelines, and AWS automation workflows (Lambda, EventBridge).

• Participate in incident response, performing root-cause analysis and implementing preventive measures.

• Conduct regular security awareness training, tabletop exercises, and post-incident reviews.

• Recommend and implement continuous improvements to strengthen overall security posture of the infrastructure.

Documentation & Collaboration

• Maintain up-to-date documentation including security architecture diagrams, threat models, risk registers, and incident reports.

• Collaborate with Network Engineers, System Administrators, and DevOps to ensure alignment between security, performance, and availability goals.

• Support audits, compliance reviews, and risk-assessment exercises by providing detailed evidence and reports

Qualifications

• Bachelor's degree in information security, Computer Science, or a related field.

• Minimum 2 years of experience in infrastructure or cloud security engineering.

• Strong hands-on expertise in:

o Threat Intelligence: OpenCTI or similar platforms (MISP, TheHive)

o DLP Tools: Digital Guardian, Microsoft Purview DLP, or equivalent o VAPT: Nessus, OpenVAS, Burp Suite, Metasploit, AWS Inspector o Cloud Security: AWS GuardDuty, Security Hub, IAM, WAF o Network Security: Juniper Firewall, Cisco ASA, Nginx WAF, VPN (Connexa/OpenVPN)

o CDN Security: Cloudflare, EdgeNext, CDNetworks

o Automation: Terraform, GitLab CI/CD pipelines

• Solid understanding of TCP/IP, DNS, HTTP/S, SSL/TLS, VPN, SIEM, and IDS/IPS concepts.

• Preferred certifications: o AWS Security Specialty, CompTIA Security+, CEH, CISSP, or ISO 27001 Lead Implementer/Auditor

• Strong analytical mindset, excellent incident handling, and documentation skills.

• Proactive and collaborative, with a strong sense of accountability and security ownership.