Security Engineer

Role Overview

The Security Engineer is responsible for designing, implementing, and maintaining security technologies that protect the organization's IT and OT infrastructure. The role focuses on strengthening the security architecture, integrating security tools, improving detection capabilities, and supporting the Security Operations Center (SOC) in responding to cybersecurity incidents.

Key Responsibilities

Security Architecture & Engineering

• Design, implement, and maintain security controls across enterprise IT and OT environments.
• Deploy and manage security technologies such as SIEM, EDR, firewalls, IDS/IPS, and network security monitoring tools.
• Engineer integrations between security platforms to improve detection and response capabilities.

Monitoring & Detection Support

• Enhance SIEM use cases, detection rules, and correlation logic.
• Integrate data sources such as firewalls, endpoint security solutions, network devices, and OT security platforms (e.g., Nozomi).
• Support SOC teams by improving threat detection capabilities and reducing false positives.

Incident Response & Investigation

• Support investigation and containment of cybersecurity incidents.
• Develop automation and playbooks to improve response efficiency.
• Assist in forensic analysis and root cause investigation of security incidents.

Security Tool Management

• Manage and maintain security tools including:
• SIEM platforms
• Endpoint Detection and Response (EDR)
• Network Detection and Response (NDR)
• Firewalls and security gateways
• OT security monitoring platforms

Security Hardening & Best Practices

• Implement system hardening guidelines for servers, network devices, and endpoints.
• Support vulnerability management and remediation activities.
• Ensure security configurations align with industry standards and frameworks.

Collaboration

• Work closely with SOC analysts, network engineers, and IT teams to improve overall security posture.
• Support deployment of security controls in new infrastructure and systems.
• Provide technical expertise for security-related projects.

Required Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related field.
• 35 years of experience in cybersecurity engineering or security operations.
• Experience with SIEM platforms (Splunk, QRadar, Elastic SIEM, Sentinel, etc.).
• Experience with network security technologies (firewalls, IDS/IPS, VPNs).
• Knowledge of endpoint security solutions and EDR platforms.
• Experience integrating logs and data sources into SIEM platforms.
• Strong understanding of networking protocols and security architecture.

Preferred Qualifications

• Experience with OT security platforms (Nozomi, Claroty, Dragos).
• Knowledge of threat detection engineering and security automation.
• Familiarity with MITRE ATT&CK framework.
• Experience with SOAR platforms and security automation.
• Security certifications such as:
• CEH
• CISSP
• GIAC
• Security+

Key Skills

• Security engineering and architecture
• SIEM and detection engineering
• Incident response and threat investigation
• Network and endpoint security
• Security automation and scripting (Python, PowerShell, etc.)
• Analytical and problem-solving skills