Cybersecurity Engineer

Job Overview

We seek a hands-on Cybersecurity Engineer with proven experience deploying and operationalizing enterprise security solutions.

You will implement EDR, NDR, SIEM, CSPM, IAM, and PAM technologies for commercial/government clients while ensuring alignment with MITRE ATT&CK and compliance frameworks (NIST, ISO 27001, IM8).

This role requires deep technical execution skills and solution integration expertise.

Core Responsibilities

• Solution Deployment & Integration
  • Endpoint: Deploy/manage CrowdStrike/SentinelOne (policy tuning, threat hunting packages)
  • NDR: Implement Darktrace/Vectra NDR with network segmentation enforcement
  • SIEM: Architect Splunk/Sumo Logic deployments (on-prem/cloud) with SOAR playbooks
  • Cloud Security: Configure CSPM (Wiz, Lacework), CNAPP (Prisma Cloud), and IaC scanning
  • IAM/PAM: Rollout CyberArk/Okta/PingIdentity (privileged session monitoring, RBAC workflows)
• Technical Optimization
  • Develop detection rules (Sigma, YARA) for APT groups targeting SEA Integrate solutions into CI/CD pipelines (Jenkins, GitLab)
  • Conduct solution hardening using CIS benchmarks
• Client Delivery & Handover
  • Lead, Develop, Conduct UAT & SSAT for assigned projects
  • Create operational runbooks, Design Documents, Configuration guide
  • Train client staff on solution management

Technical Requirements

• Solution Deployment Experience
  • EDR/XDR: CrowdStrike, SentinelOne, Microsoft Defender or equivalent
  • NDR: Darktrace, Vectra, ExtraHop or equivalent
  • SIEM/SOAR: Splunk ES, QRadar, Chronicle, Torq - Use case development, SOAR playbook automation
  • Cloud Security: Wiz, Prisma Cloud, AWS Security Hub - CSPM policy packs, cloud asset inventory
  • IAM/PAM: CyberArk, Okta, Azure AD PIM - Privileged access workflows, RBAC policy enforcement

Technical Competencies

• Scripting: Python/PowerShell for API integrations (e.g., SIEM-EDR correlation)
• Networking: TCP/IP stack, Zero Trust segmentation (Zscaler, Illumio)
• Cloud Platforms: AWS IAM, Azure Sentinel, GCP Security Command Center
• Compliance: Implement controls for NIST 800-53, ISO 27001, IM8

Certifications

• Required: CISSP, vendor certs (e.g., CrowdStrike CCSF, Splunk Power User)
• Cloud: AWS Security Specialty/Azure SC-200
• IAM: CyberArk Defender/Okta Certified Professional

Experience & Qualification Requirements

• Bachelor’s degree in IT, Cyber Security or equivalent
• 5+ years deploying cybersecurity solutions
• EDR/NDR: 3+ enterprise deployments (500+ endpoints)
• SIEM: 2+ full lifecycle implementations
• Cloud Security: CSPM/IAM rollout for AWS/Azure/GCP
• PAM: CyberArk/Thycotic deployment with vaulting solutions
• Govt project exposure (IM8, CSA Cyber Essentials) preferred
• Excellent communication and interpersonal skills.
  
  
• Ability to work independently and within a team