Job Description

Role Purpose:
We are seeking a Senior Security Engineer with a strong foundation in security incident response, infrastructure security, and expertise in a wide range of security tools and platforms. The ideal candidate will have 7+ years of hands-on experience in securing enterprise environments, managing high workloads, and acting as a subject matter expert (SME) across multiple domains. The role requires strong technical capabilities in Windows and Linux security, excellent problem-solving skills, and the ability to lead and support security operations and projects in a collaborative team environment.

Responsibilities:
Lead and manage complex security incidents, including investigation, containment, eradication, and recovery.
Conduct forensic analysis for both cloud-based and on-premise environments using industry-standard tools and best practices.
Manage and fine-tune security platforms, including SIEM (Microsoft Sentinel), EDR (Microsoft Defender for Endpoint), DLP, and CNAPP (Wiz, Prisma Cloud).
Oversee the complete vulnerability management lifecycle using tools such as Rapid7, Microsoft Defender, and Tenable.
Act as a Subject Matter Expert (SME) across security domains, including endpoint protection, cloud security, IAM, and PAM.
Implement and enforce security hardening, configuration baselines, and compliance policies across Windows and Linux systems.
Automate repetitive security operations tasks using scripting languages such as PowerShell and Bash.
Collaborate cross-functionally with IT, DevOps, and Compliance teams to align on security best practices and governance.
Maintain clear and detailed documentation of incidents, workflows, response playbooks, and security improvements.
Contribute to the development of the Security Operations Centre (SOC), including processes, tools, and team maturity.
Support implementation of key Information Security projects and contribute to the future Target Operating Model for the function.
Provide mentorship to junior security analysts and engineers to foster a strong learning culture within the team.

Skills & Experience:
Minimum 7+ years of experience in information security, preferably in SOC, incident response, or security engineering roles.
Advanced knowledge of both Windows (AD, DNS) and Linux operating systems, with proven hands-on hardening and configuration experience.
Strong experience in threat detection, incident handling, and forensic investigation.
Expertise in managing and optimizing Microsoft Sentinel (SIEM), Microsoft Defender (EDR), Wiz/Prisma (CNAPP), and DLP solutions.
Proficient in scripting languages—PowerShell and Bash—to support automation and tooling for security operations.
Solid understanding of cloud-native security practices, preferably within Microsoft Azure environments.
Experience with Identity & Access Management (IAM) and Privileged Access Management (PAM) tools such as Azure PIM and CyberArk.
Strong documentation, reporting, and communication skills with the ability to work effectively in a team-oriented environment.
Demonstrated ability to manage high-volume workloads and prioritize effectively in a dynamic, high-pressure environment.

Preferred Certifications (Optional but a Plus): 
GIAC (GCIA, GCIH, GCFA)
Microsoft SC Series (SC-200, SC-300, SC-400)
Azure Security Engineer Associate (AZ-500)
OSCP, CEH, CISSP

Skills Required