Role Purpose
The Senior Cyber Security Engineer is responsible for protecting the organization's information systems, networks, applications, and digital assets from cyber threats. The role involves designing and implementing security controls, monitoring security events, conducting risk assessments, responding to incidents, and ensuring compliance with cybersecurity standards and best practices.
The ideal candidate will possess strong technical expertise in information security, threat management, security operations, and risk mitigation while contributing to the organization's overall security strategy.
Key Responsibilities
Security Operations & Monitoring
- Monitor and analyze security events, alerts, and incidents across the organization.
- Manage and optimize security tools such as SIEM, EDR, IDS/IPS, firewalls, and antivirus solutions.
- Conduct threat hunting and proactive security monitoring activities.
- Investigate suspicious activities and coordinate incident response efforts.
Security Architecture & Implementation
- Design, implement, and maintain enterprise security solutions and controls.
- Ensure secure configuration of networks, servers, endpoints, and cloud environments.
- Evaluate and recommend security technologies and improvements.
- Support secure software development and application security initiatives.
Risk Management & Compliance
- Conduct vulnerability assessments and security audits.
- Perform risk assessments and recommend mitigation measures.
- Ensure compliance with ISO 27001, NIST, PCI-DSS, and other applicable standards.
- Develop and maintain security policies, procedures, and documentation.
Incident Response & Business Continuity
- Lead security incident investigations and remediation activities.
- Coordinate digital forensic analysis when required.
- Develop and test incident response and disaster recovery plans.
- Prepare post-incident reports and improvement recommendations.
Training & Stakeholder Engagement
- Conduct cybersecurity awareness and training sessions for employees.
- Collaborate with internal teams and external vendors on security initiatives.
- Provide regular security reports and updates to management.
- Mentor junior security team members and promote security best practices.
Job Specification
Education
- Bachelor's degree in Computer Science, Cyber Security, Information Security, Information Technology, or a related field.
Experience
- 3–5 years of experience in Cyber Security, Information Security, or Network Security.
- Experience in Security Operations, Incident Response, Risk Management, and Security Compliance.
Skills Required
- Strong knowledge of network security, cloud security, and endpoint protection.
- Hands-on experience with SIEM platforms (Splunk, QRadar, Microsoft Sentinel, etc.).
- Experience with vulnerability management tools (Nessus, Qualys, OpenVAS).
- Knowledge of firewalls, IDS/IPS, VPNs, IAM, and security protocols.
- Understanding of Windows, Linux, and cloud platforms (AWS, Azure, GCP).
- Strong analytical, problem-solving, and incident investigation skills.
- Excellent communication and reporting abilities.
Certifications (Preferred)
- CEH (Certified Ethical Hacker).
- CompTIA Security+.
- ISO 27001 Lead Implementer / Lead Auditor.
- CCSP (Certified Cloud Security Professional).
Other Requirements
- Ability to work under pressure and manage critical security incidents.
- Strong attention to detail and commitment to security best practices.
- Willingness to stay updated with evolving cybersecurity threats and technologies.
- Ability to work collaboratively with cross-functional teams.
Preference
Candidates with proven experience in Security Operations Centers (SOC), threat hunting, incident response, cloud security, and cybersecurity compliance frameworks will be given priority.
Location:
Karachi, Pakistan
Note: This is a strictly onsite role. Remote and hybrid work arrangements are not available for this position.
Job Type: Full-time
Application Question(s):
- Current Salary
- Expected Salary
- Which vulnerability management tools have you used?
□ Nessus
□ Qualys
□ OpenVAS
□ Rapid7
□ Other: ______
- Which cybersecurity compliance frameworks have you worked with?
□ ISO 27001
□ NIST
□ PCI-DSS
□ CIS Controls
□ Other: ______
- Do you have experience managing or configuring the following?
□ Firewalls
□ IDS/IPS
□ VPNs
□ IAM Solutions
□ EDR/XDR Tools
- Which cybersecurity certifications do you currently hold?
□ CEH
□ CompTIA Security+
□ ISO 27001 Lead Auditor
□ ISO 27001 Lead Implementer
□ CCSP
□ CISSP
□ Other: ______
- How many years of professional experience do you have in Cyber Security, Information Security, or Network Security?
- Which SIEM platforms have you used?
□ Splunk
□ QRadar
□ Microsoft Sentinel
□ ArcSight
□ Other: ______
Work Location: In person