Information Security Engineer

15 January, 2026

IT Services and IT Consulting

VAPORVM IT SERVICES DMCC

Job Overview

We are seeking a skilled Information Security professional to support and strengthen the organization’s security posture across operations, governance, risk, and compliance. The role involves hands-on security operations, vulnerability management, security tooling, and compliance support within a regulated enterprise environment.

Information Security Operations

• Manage and operate daily security controls across the environment
• Investigate, analyze, and respond to security incidents and alerts
• Maintain and support endpoint security, email security, and threat detection tools
• Review and update security procedures, baselines, and system hardening standards

Governance, Risk & Compliance (GRC)

• Enforce information security policies, standards, and procedures
• Lead risk assessments for systems, applications, and third-party vendors
• Ensure compliance with regulatory, contractual, and internal security requirements
• Prepare security metrics, KPIs, and management reports
• Support internal and external security audits and maintain evidence repositories

Vulnerability & Patch Management

• Conduct regular vulnerability assessments and scans
• Analyze, prioritize, and track remediation of identified vulnerabilities
• Coordinate patch management activities with IT teams and Managed Service Providers (MSPs)
• Perform re-scans to verify successful remediation
• Align vulnerability management practices with CIS, NIST, and industry frameworks

Security Tools & Monitoring

• Administer and monitor security platforms including SIEM, EDR, MDM, MFA, and DLP
• Maintain continuous security visibility and alerting
• Identify gaps and recommend monitoring and detection improvements

Security Awareness

• Support cybersecurity awareness programs, training content, and compliance tracking

Required Skills & Qualifications

• Bachelor’s degree in Information Security, Computer Science, or related field
• Proven experience in information security operations and GRC
• Hands-on experience with security tools and monitoring platforms
• Strong understanding of incident response, vulnerability management, and compliance frameworks
• Familiarity with NIST, CIS, ISO 27001, or similar standards
• Excellent documentation, reporting, and communication skills