Job Title: Mid-Level - Cybersecurity Engineer

Job Summary

The Mid-Level Cybersecurity Engineer plays a pivotal role in safeguarding an organization's infrastructure against an ever-evolving landscape of cyber threats. This position involves the development and implementation of robust security measures, conducting thorough vulnerability assessments, and designing secure architecture to mitigate risks. The ideal candidate will possess a few years of hands-on experience in cybersecurity, showcasing their ability to respond effectively to incidents while collaborating with cross-functional teams to embed security within the development lifecycle.

Key Responsibilities

• Lead efforts in vulnerability assessments and penetration testing across systems and networks to identify security weaknesses.
• Develop and implement comprehensive security protocols, policies, and procedures to enhance the organization's security posture.
• Monitor and analyze security events using advanced Security Information and Event Management (SIEM) tools to detect and respond to potential threats.
• Conduct detailed security investigations and provide actionable recommendations for mitigation of identified vulnerabilities.
• Design and implement secure network architectures and systems that align with best practices and organizational needs.
• Respond to and manage security incidents and breaches, ensuring proper documentation and reporting of all incidents.
• Collaborate with other IT teams to ensure security is integrated into the software development lifecycle and operational processes.
• Perform risk assessments and develop effective risk management strategies to minimize potential impacts on the organization.
• Provide mentorship and guidance to junior cybersecurity engineers, fostering a culture of continuous learning and improvement.

Skills and Knowledge Required

• Strong understanding of cybersecurity principles, threat landscapes, and effective mitigation strategies.
• Advanced knowledge of network protocols, web applications, and system security best practices.
• Experience with advanced security tools, including SIEM, Endpoint Detection and Response (EDR), firewalls, and Intrusion Detection/Prevention Systems (IDS/IPS).
• Proficient scripting or programming skills in languages such as Python, PowerShell, or Bash.
• Familiarity with regulatory standards such as GDPR, HIPAA, NIST, and ISO 27001.
• Knowledge of encryption methods, secure coding practices, and identity/access management frameworks.
• Strong problem-solving and troubleshooting skills, with the ability to think critically under pressure.
• Proven ability to lead security initiatives and manage projects effectively.

Educational Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Cybersecurity certifications such as CISSP, CEH, or equivalent are highly desirable.

Key Focus Areas

• Vulnerability assessment and penetration testing
• Incident response and investigation
• Risk assessment and mitigation
• Security architecture and design

Experience

• 3–5 years of experience in cybersecurity or information security roles, with a focus on hands-on technical responsibilities.
• Experience in network security and incident response, demonstrating a proactive approach to threat management.

Tools and Equipment

• Proficient in using SIEM tools such as Splunk, QRadar, or LogRhythm.
• Experience with penetration testing tools including Kali Linux, Metasploit, and Burp Suite.
• Familiarity with network security tools such as firewalls and IDS/IPS systems.
• Knowledge of vulnerability scanning tools like Nessus and OpenVAS.

Other Requirements

• Ability to work effectively under pressure and manage multiple tasks simultaneously.
• Strong communication skills to facilitate collaboration with cross-functional teams.
• Certifications in cloud security (AWS, Azure, GCP) or specific tools are considered a plus.