Job Description:
Ocuco Group is offering an exciting opportunity for a Security Engineer to work with our Security, IT & Operations teams worldwide. The core objective is to contribute to Ocuco's continuous growth by providing a world-class secure IT infrastructure.
Key Responsibilities:
* Lead vulnerability management and incident response actions
* Plan, implement, manage, monitor, and enhance security measures for the protection of data, systems, networks and applications
* Implement systems security controls in line with security policy requirements
* Review security controls and policies against industry best practices and regulatory requirements
* Assess risks and identify vulnerabilities
* Enhance security aspects of IT procedures
* Implement, enhance and review firewall configurations
* Monitor systems and review logs for security incidents
* Manage systems patching activities
* Conduct external and internal vulnerability scanning
* Perform Access Reviews across on-prem and cloud assets
* Manage external penetration testing
* Identify new and emerging security threats and implement protective measures
* Grow security consciousness in other staff and assist in incorporating secure-by-design features into systems and application design
Requirements:
* 3+ years of experience in an IT infrastructure role
* Skilled in Microsoft Azure cloud services design, deployment, management, security and audit
* Hands-on experience with security baselining
* Expertise in vulnerability management tools
* Experience in designing and managing, in at least one of these areas:
o Networking, including routing, VLAN, subnets, firewalls, switches, security, enterprise wireless, VPN, BGP
o Applications, including Remote Desktop Services, IIS, Apache
o DevOps/IT automation, including scripting, Chef/Puppet/Ansible
* Microsoft Windows Server & AD
* Excellent analysis, planning, organisation & prioritisation skills
* A conscientious approach to work, assuming personal ownership of responsibilities & tasks
* Exceptional teamwork skills, with a proactive attitude toward contributing to and enhancing team performance
* Excellent communication skills and native-level fluency in English
Desirable Skills:
* A relevant IT qualification
* A relevant Security qualification
* Proficiency in incident response tools (Cortex XDR, Microsoft Sentinel)
* Expertise in vulnerability management tools (Edgescan, Snyk, SonarCloud)
* Microsoft Windows Server Operating Systems, multi-forest Active Directory and RemoteApp
* Microsoft Azure Security management and experience with Azure Policy
* Networking qualifications, such as Cisco CCNA
* Firewall administration and security (Palo Alto, Azure Firewall)
* IIS, Apache, load balancing, general web server technology, RDS
* DevOps in relation to automated management of IT systems
* Technical Security including access control and audit, endpoint protection, system hardening, intrusion prevention, incident management
* Linux server Operating Systems
* VMWare vCentre planning, installation & maintenance