Information Security Engineer

The Information Security Engineer is responsible for safeguarding the organisation's information systems against unauthorised access, modification, or destruction. This role combines hands-on security operations with the design and implementation of secure network and system architectures, ensuring proactive threat detection and effective incident response. Key Responsibilities Security Architecture & Engineering Design, implement, and maintain robust security infrastructure across the organisation. Develop and deploy secure network architectures and system configurations aligned with best practices. Implement and manage security tools and platforms to protect systems and data. Monitoring & Threat Management Perform continuous monitoring of networks and systems to detect potential threats. Conduct regular security assessments, vulnerability scans, and penetration testing. Ensure rapid identification, analysis, and response to security incidents. Incident Response & Risk Mitigation Establish and maintain incident response protocols and procedures. Investigate security breaches and implement corrective actions to prevent recurrence. Develop automated solutions to mitigate vulnerabilities and streamline security operations. Collaboration & Governance Work closely with IT teams to define and enforce security standards, controls, and configurations. Support the selection and deployment of security technologies aligned with business needs. Ensure compliance with internal policies and relevant regulatory requirements. Training & Awareness Educate and train staff on information security policies, procedures, and best practices. Promote a security-first culture across the organisation. Qualifications & Experience Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). Relevant certifications preferred: CISSP, CISM, CEH, CompTIA Security+, GSEC , or similar. Proven experience as an Information Security Engineer or in a similar role. Hands-on experience with penetration testing and security assessment techniques. Strong understanding of firewalls, proxies, SIEM, antivirus, and intrusion detection/prevention systems (IDPS). Experience identifying, analysing, and mitigating network vulnerabilities. Working knowledge of programming/scripting languages such as Python, SQL, Perl, Ruby, or Go . Skills & Competencies Technical Skills Strong knowledge of networking protocols and infrastructure (routing, firewalls, IDS/IPS, encryption, load balancing). Experience with Active Directory and Linux system administration . Proficiency with vulnerability management and security tools (e.g. Greenbone, OpenVAS, Nessus, Intune, PingCastle ). Up-to-date knowledge of cybersecurity trends, threats, and risk management practices. Behavioural Competencies Strong analytical and problem-solving abilities. Ability to work effectively under pressure and respond to incidents accurately. Excellent communication and presentation skills. Ability to translate complex technical concepts for non-technical stakeholders. Strong project management and prioritisation skills.