SENIOR INFORMATION SECURITY ENGINEER-VACANCY AT CAPITALSTAGE HOLDINGS

SENIOR INFORMATION SECURITY ENGINEER

by Emmanuel Urua
0 comment

Job Description

The Senior Information Security Engineer is responsible for developing and implementing security solutions to protect the organization’s IT infrastructure, data, and systems. The ideal candidate will have a strong understanding of cybersecurity best practices and a proven track record of success in implementing and managing security solutions. The Senior Information Security Engineer will manage SIEM content, and monitor and detect cyber security threats & incidents. The ideal candidate is highly motivated, intellectually curious, and analytical. The role requires a blend of cybersecurity experience and highly developed communication skills. The purpose of this role is to enhance security monitoring tooling, detections, and incident response capabilities using SIEM solutions to provide a single view of the environment.

Responsibilities

  • Develop and implement security strategies and plans
  • Manage and maintain security infrastructure
  • Conduct security risk assessments and audits
  • Investigate and respond to security incidents
  • Train and educate employees on security best practices
  • Stay up-to-date on the latest security threats and trends
  • Work closely with the Engineering, Application Support, Cloud Support, and various Business Teams to improve existing security monitoring and deliver resilient and comprehensive security solutions
  • Onboard data to the required standards, maintain and tune log sources, data contents, and use cases
  • Provide evidence of compliance for our audited environments (including PCI, ISO27001, ISAE3000, etc)
  • Define how logs should be parsed and ingested for best practice
  • Engage with other teams to ensure that the SIEM is performing to standard with all necessary logging sources monitored
  • Analyse, design, and deliver solutions to detect and stop adversaries
  • Propose additional Security Monitoring Use Cases
  • Define thresholds and baselines to aggregate similar events then write correlation rules
  • Ensure SIEM technologies are integrated & utilized to protect cyber-related assets
  • Support the operation of the comprehensive SIEM platform
  • Analyse SOC alert statistics and workflows to reduce false positives and increase fidelity.
  • Manage and improve SIEM infrastructure to improve detection flexibility and reliability.
  • Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts.
  • Research new security technologies
  • Support relationships with 3rd party vendors to enhance monitoring
  • Contribute to requirements for other security (and allied) technologies such as Endpoint/Network Detection & Response, Intrusion Detection/Prevention, Web Proxies, etc

Qualification

  • Bachelors degree in computer science, information security, or a related field
  • 5+ years of experience in cybersecurity
  • Strong understanding of cybersecurity best practices
  • Proven track record of success in implementing and managing security solutions
  • Excellent communication and interpersonal skills
  • Ability to work independently and as part of a team
  • Senior-level experience within a logging and monitoring function, with functional knowledge of a Security Operations Centre, preferably within a Regulated Financial Services business
  • Familiar with different log onboarding techniques in Splunk including Syslog, HTTP event, Universal Forwarder, DB Connect, and API queries
  • Has the ability to write SPL and use and populate data models
  • Previous experience in an audited environment complying with common regulation standards
  • Experience with other common Security Monitoring Technologies
  • Knowledge of global security and reporting standards such as NIST and MITRE
  • Common cloud-based platform technology experience is beneficial
  • Delivery mindset supported by the ability to execute in a complex technical environment
  • Experience collaborating cross-functionally to identify and implement best practice security, logging, and monitoring processes
  • Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner
  • CISSP, GIAC certifications, or equivalent
  • Familiarity with Indicators of Compromise (IoCs), Indicators of Attack (IoAs), ATT&CK Tools, Techniques and Procedures (TTPs)
  • Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner
  • The ideal candidate is a technically inclined and experienced security specialist who enjoys working in a fast-paced collaborative team environment
  • Flexible to provide on-call support 24/7 in the future if required

Location: Lagos State, Nigeria.

Apply: SENIOR INFORMATION SECURITY ENGINEER

Leave a Comment