IT security engineer

Development and maintenance of detection rules to identify malicious or suspicious activities within the environment.
Implementation and management of systems for real-time threat detection and alerting.
Daily incident response and remediation, coordinating response actions with both internal and external stakeholders.
Proactive threat and vulnerability hunting across the network.
Development and maintenance of log collection systems such as SIEM and/or Data Lake for long-term data retention and normalization.
Development and maintenance of automation platforms within security operations tools to optimize automated responses where possible.
Collaboration with other IT and IT security teams to ensure comprehensive threat coverage and understanding of impact and criticality.
Creation of scripts and reports required to prevent disruption or unavailability of information assets and to assess impact.
Analysis of security attacks and provision of recommendations for remediation through configuration of existing security systems.
Definition and implementation of information assets where software is the core component, to enhance the overall security posture.
Development and maintenance of technical manuals and process documentation.

Performing in-depth analysis of suspicious activities and attack attempts, during and after incidents, including but not limited to malware analysis, packet analysis, alerts, and log review, to identify signs of malicious activity.
Staying up to date with security operations, data analysis, incident response technologies, methodologies, and legal requirements.
Conducting digital forensic and incident investigations when required.
Ensuring all investigations are carried out in compliance with regulatory requirements and the company’s internal policies, standards, and procedures.
Providing management metrics, periodic intelligence reports, and lessons learned regarding various threat actors and IOCs.
Enhancing existing capabilities through continuous improvement of relevant intelligence sources and methods, and recommending new tools and procedures for threat detection and protection of intellectual property and assets.
Supporting investigations and/or official inquiries related to insider threats or acceptable use policy violations.
Identifying areas requiring improvement within internal processes and proposing potential solutions.
Collaborating with the IT Security Operations Manager to define and document standard operating procedures for handling security incidents, malware analysis, vulnerability management, and related activities.
Maintaining confidentiality regarding professional secrecy and the security of documents handled and administered.