Gijima Staffing Solutions is responding to a tender: We are seeking a Security Engineer is responsible for designing, implementing, and maintaining robust security systems that protect an organization’s IT infrastructure and data. This role involves identifying vulnerabilities, implementing security measures, and monitoring networks to prevent unauthorized access, attacks, and breaches. The ideal candidate will have a solid understanding of cybersecurity technologies, attack vectors, and defense strategies.
Key Responsibilities:
- Security System Implementation:Design and deploy security solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), and encryption technologies to protect the organization’s data and IT infrastructure.
- Threat & Vulnerability Management:Conduct vulnerability assessments and penetration testing to identify security weaknesses. Implement patches, fixes, and security updates to mitigate potential risks.
- Network Security Monitoring:Monitor network traffic for suspicious activity and respond to security incidents in a timely manner. Use SIEM (Security Information and Event Management) tools to detect potential threats.
- Incident Response & Forensics:Investigate and respond to security breaches or incidents, working closely with incident response teams. Conduct forensic analysis to understand attack vectors and prevent future breaches.
- Security Policies & Procedures:Develop and enforce security policies, standards, and best practices. Ensure all systems comply with industry standards and regulatory requirements.
- Collaboration with IT Teams:Work closely with IT and development teams to integrate security into all stages of software development and infrastructure projects. Provide guidance on secure configurations and architectures.
- Security Auditing & Reporting:Regularly audit systems for compliance with security policies. Create detailed reports on security incidents, vulnerabilities, and risks for management review.
- Continuous Improvement:Stay up-to-date with the latest security threats, technologies, and trends. Provide recommendations for improving the organization’s security posture.
Required Qualifications and Skills:
- Education:
- Bachelor’s Degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Relevant certifications such as CISSP, CEH, CISM, or GIAC are preferred.
- Experience:
- Minimum of 5 years of experience in security engineering, network security, or cybersecurity operations.
- Technical Skills:
- Strong knowledge of security technologies (e.g., firewalls, IDS/IPS, VPN, DLP, encryption).
- Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar) and log analysis.
- Proficiency in vulnerability management and penetration testing tools (e.g., Nessus, Qualys, Metasploit).
- Familiarity with cloud security in environments like AWS, Azure, or Google Cloud.
- Knowledge of network protocols and operating systems (Windows, Linux, macOS).
- Soft Skills:
- Strong analytical and problem-solving abilities.
- Excellent communication and documentation skills.
- Ability to work under pressure and prioritize tasks in high-stress situations.
Tools & Technologies:
- Security Tools: Firewalls (e.g., Palo Alto, Cisco ASA), IDS/IPS (Snort, Suricata), VPN, DLP, SIEM (Splunk, ArcSight).
- Penetration Testing: Kali Linux, Metasploit, Burp Suite, Wireshark.
- Vulnerability Management: Nessus, Qualys, OpenVAS.
- Cloud Security: AWS Security Hub, Azure Security Center, Google Cloud Security Command Center.
- Encryption: SSL/TLS, VPNs, PKI, BitLocker.
Additional Considerations:
- Experience with DevSecOps practices and automation of security testing is a plus.
- Knowledge of Zero Trust security models is highly desirable.
- Understanding of regulatory compliance (e.g., GDPR, POPIA, PCI-DSS) is beneficial.
Desired Skills:
- AWS
- CISSP
- Cloud security