Job Description
Summary
About the Role
We are seeking an experienced Security Professional with a strong background in Enterprise Security and experience in implementing and maintaining security compliance standards like ISO 27001, SOC 2, etc.
As a Corporate Security Engineer Level 3, you will be responsible for ensuring the integrity, availability, and confidentiality of our organization's information and technology assets. You will be a senior member of the corporate security team, providing leadership and expertise in security-related projects, incident response, and ongoing security operations. This role requires a deep understanding of security principles and technologies, as well as the ability to assess, design, and implement security solutions.
Key Responsibilities:
Security Infrastructure Management:
- Manage and maintain security infrastructure, including firewalls, intrusion detection/prevention systems, EDR solutions, VPNs, and security monitoring tools.
- Ensure that security systems are up to date and configured to meet industry best practices and compliance requirements.
- Lead incident response efforts, including investigation, analysis, and resolution of security incidents.
- Conduct digital forensics and analysis to determine the root cause of security breaches.
- Develop and enforce security policies, standards, and procedures in alignment with industry regulations and best practices.
- Conduct security audits and assessments to ensure compliance with legal and regulatory requirements.
- Maintain and continuously improve ISO 27001 and similar standards within the organization, including developing and maintaining policies, procedures, and controls.
- Monitor emerging threats and vulnerabilities and adjust security measures accordingly.
- Maintain detailed documentation related to security configurations, incident response procedures, and security policies.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
- Minimum 7 years of experience in enterprise security.
- In-depth knowledge of ISO 27001 standards and a track record of implementing and maintaining them within an organization.
- Strong knowledge of security technologies, including firewalls, intrusion detection/prevention systems, encryption, and SIEM solutions.
- Strong understanding of information security principles, risk management, and security technologies.
- Relevant industry certifications (e.g., CISSP, CISM, ISO 27001 Lead Auditor/Implementer) are highly desirable.
- Excellent communication and interpersonal skills to work with cross-functional teams, senior management, and external auditors.
- Strong problem-solving and analytical skills to address complex security issues.
- Ability to stay up to date with evolving security threats and industry best practices.
Skills
- Problem Solving
- Risk Analysis
- Security System Management