Summary

About the Role

We are seeking an experienced Security Professional with a strong background in Enterprise Security and experience in implementing and maintaining security compliance standards like ISO 27001, SOC 2, etc.

As a Corporate Security Engineer Level 3, you will be responsible for ensuring the integrity, availability, and confidentiality of our organization's information and technology assets. You will be a senior member of the corporate security team, providing leadership and expertise in security-related projects, incident response, and ongoing security operations. This role requires a deep understanding of security principles and technologies, as well as the ability to assess, design, and implement security solutions.

Key Responsibilities:

Security Infrastructure Management:

• Manage and maintain security infrastructure, including firewalls, intrusion detection/prevention systems, EDR solutions, VPNs, and security monitoring tools.
• Ensure that security systems are up to date and configured to meet industry best practices and compliance requirements.

• Lead incident response efforts, including investigation, analysis, and resolution of security incidents.
• Conduct digital forensics and analysis to determine the root cause of security breaches.

• Develop and enforce security policies, standards, and procedures in alignment with industry regulations and best practices.
• Conduct security audits and assessments to ensure compliance with legal and regulatory requirements.
• Maintenance and continuous improvement of ISO 27001 and similar standards within the organization. This includes developing and maintaining policies, procedures, and controls.

• Monitor emerging threats and vulnerabilities and adjust security measures accordingly.

• Maintain detailed documentation related to security configurations, incident response procedures, and security policies.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
• Minimum 7 years of experience in enterprise security.
• In-depth knowledge of ISO 27001 standards and a track record of implementing and maintaining them within an organization.
• Strong knowledge of security technologies, including firewalls, intrusion detection/prevention systems, encryption, and SIEM solutions.
• Strong understanding of information security principles, risk management, and security technologies.
• Relevant industry certifications (e.g., CISSP, CISM, ISO 27001 Lead Auditor/Implementer) are highly desirable.
• Excellent communication and interpersonal skills to work with cross-functional teams, senior management, and external auditors.
• Strong problem-solving and analytical skills to address complex security issues.
• The ability to stay up-to-date with evolving security threats and industry best practices.

Skills

• Problem Solving
• Risk Analysis
• Security System Management