Security Engineer

Key responsibilities

· Ability to develop, design secure solutions and produce a Security Design documenting the controls.

· The ability to deconstruct a solution / network architecture.

· Ability to identify and mitigate against threats and vulnerabilities associated with proposed solutions and evaluate the soundness of solutions using industry standard practices (e.g., STRIDE, MITRE).

· Demonstrate the ability to interpret threats into Risks, using your knowledge and experience to assist the business in assessing likelihood and impact.

· Effectively communicate technical concepts to both technical and non-technical collaborators.

· Skills to produce and articulate Security Designs to all collaborators within the project and business.

· Comfortable weighing the risks and benefits of competing Security design options. · Comfortable working on multiple challenging projects simultaneously

Key skills

* Designing and implementing security solutions to support meeting industrial and security frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.

* Proven experience in risk assessment, threat modelling and implementing security controls.

* Expertise in managing user identities and securing access to systems.

* Knowledge of encryption, hashing, and tokenization techniques for data privacy.

* Understanding secure software development lifecycles (SDLC) and integrating security into CI/CD pipelines.

* Proficient in network protocols, perimeter security to protect infrastructures and applications.

* Certifications in Security Management such as CISSP / CISM / CCSP or equivalent.

* Certifications in technical Security domains such as CEH / OSCP or equivalent.

* Experience of Public and or Private cloud environments. Experience with multi-cloud security environments (GCP, AWS and Azure).

* Proven experience managing multiple high priority security projects simultaneously