Cyber Security Lead Engineer

Objective: (summary about the position)

Seeking a highly experienced Security Lead Engineer to lead the design, implementation, and continuous improvement of cybersecurity measures across our hybrid environment. This role requires overseeing infrastructure, application, and cloud security; managing threat detection and response systems; guiding the security posture of internally developed software; and ensuring regulatory compliance through GRC frameworks. The ideal candidate brings technical depth, leadership capabilities, and a proactive mindset to protect our digital assets and business operations.

Responsibilities:

• Security Architecture & Strategy
• Design, integrate, and maintain end-to-end security architecture for on-premises and cloud environments
• Ensure secure network topology including segmentation, access control, and VPN tunnels
• Lead development and enforcement of security policies, procedures, and best practices
• Work closely with developers and IT architects to embed security into application and infrastructure design
• SOC, SIEM, and Threat Management
• Oversee the operation and tuning of Security Operations Center (SOC) including SIEM platforms
• Manage endpoint protection through EDR and threat-hunting solutions
• Manage and enhance email security systems to protect against phishing, malware, and spam, ensuring compliance with organizational security policies
• Lead incident response efforts and develop threat prevention strategies
• Application and Cloud Security
• Supervise vulnerability scanning and penetration testing for internally developed applications
• Lead WAF deployment and optimization to protect business-critical web applications
• Implement security best practices and policy enforcement across multi-cloud environments
• Governance, Risk & Compliance (GRC)
• Drive cybersecurity-related compliance programs (e.g., SOC 2 Type 2, ISO 27001)
• Lead cross-functional GRC initiatives and support internal/external audits
• Manage security risk assessments and recommend mitigation strategies
• Documentation & Collaboration
• Maintain detailed documentation for security controls, policies, systems, and incidents
• Plan and conduct quarterly security awareness sessions to educate staff on emerging cyber threats, security best practices, and the organization's security policies
• Work collaboratively with software engineers, network teams, DevOps, and business units
  
  

Requirements

Min requirements:

• Education: Bachelor's degree in engineering, Computer Science, Information Security or a related field
• Experience:
• 7 years in cybersecurity and information security roles
• 5+ years of hands-on experience in security architecture and threat management
• Qualifications necessary for the vacancy
• Proven expertise in:
• Security architecture for hybrid cloud/on-prem setups
• Firewalls, WAF, EDR, SIEM, UTM, IPS, Proxy, and DDoS mitigation
• Network security protocols, subnetting, VPNs, and access control models
• Set of skills necessary for the vacancy
• Problem-Solving and Analytical Skills:
• Ability to diagnose and resolve complex technical issues efficiently
• Skilled in designing and implementing scalable and secure IT solutions
• Organizational Skills:
• Strong ability to manage multiple projects and prioritize tasks effectively
• Commitment to meeting deadlines and maintaining high-quality standards
• Communication and Teamwork:
• Excellent written and verbal communication skills
• Ability to collaborate effectively with team members and stakeholders
• Certifications (Desirable):
• CISSP, CISM, CEH, OSCP, CCSP
• Cloud security certifications (e.g., AWS Security Specialty, Microsoft SC-100/SC-200)
• IT governance certifications (e.g., ISO 27001 LA, CISA)