About the job Senior Cyber Security Engineer
Job Category: IT Job Type: Full Time Job Location: HybridLuqa
At Epic, we pride ourselves on delivering Great Network for Great Value to our customers and we do so through focusing on the customer, collaborating as one team.
The Senior Cyber Security Engineer will be responsible to ensure the availability, integrity and confidentiality of all the organizations system and network. This role involves developing and implementing security measures, monitoring network traffic, conducting security assessments, and responding to security incidents. The ideal candidate should have a strong understanding of cyber security principles, technologies and best practices.
Key Accountabilities / Key Activities:
- Set guidelines, document policies and procedures based on best practices and industry standards. Responsible to review and communicate Cyber Security Policies within the company.
- Contribute and deliver cyber security training awareness and guidance to employees to raise awareness and improve security performance.
- Together with the technical teams, build an understanding of the environment and the risk posture of the company.
- Carry out security reviews for new or major changes in the company's environment.
- Follow the principle of Security by Design and provide security feedback on new initiatives.
- Conduct regular vulnerability scans both externally and internally and ensure that remediation by the respective teams is performed in a timely manner.
- Monitoring the current threat landscape and uncovering new vulnerabilities and risks and consequently reporting and mitigating them.
- Liaise with auditors and regulators as required.
- Ensure compliance with Payment Care Industry Data Security Standard (PCIDSS) requirements.
- Perform day-to-day security tasks related to Firewall approvals, vetting on user access requests and troubleshooting.
- Responsible for Security Incident Management and Response. Handling security alerts, events and security incidents including the corresponding analysis results.
- Handle day to day availability of security systems and perform updates/upgrades as necessary.
- Take a proactive approach in identifying potential security risks and developing strategies to mitigate them. Research new cyber security technologies that will improve cyber security posture of the company.
- Assist the Cyber Security Senior Manager in defining roadmap for the company.
- Develop and maintain documentation for all assigned responsibilities.
- Role requires 24/7 on-call availability to address urgent issues.
Functional and Technical Skills:
- Information Technology degree in the relevant technical field and/or specialized security certification.
- Minimum 3 years' experience in a Cyber Security role.
- Familiar with regulatory requirements and standards such as ISO 27001, PCIDSS, GDPR, NIS 2 and other relevant standards.
- Proficiency in security technologies such as Intrusion Detection and Intrusion Prevention Systems, Vulnerability Assessment Tools, Web Application Firewalls, Security Information Event Management Solutions, Web Proxy Servers.
- Strong understanding of OWASP Top 10 vulnerabilities and mitigation techniques.
- Experience working with different operating systems and network security.
- Information Security relevant certifications (e.g. CISA, CISSP, CISM) will be considered an asset.
Behaviours and Competencies:
- Time Management: Strong organisational and time-management skills
- Continuous Learning: Keen to stay abreast of technological and security developments and adapting these to the company
- Analytical Thinking: Effective problem-solving skills and attention to detail
- Collaboration: Effective in liaising with vendors and company personnel at both a technical level and business level
- Communication: Strong communication skills with the ability to convey technical concepts in an understandable manner
- Documentation: Excellent documentation skills to maintain up-to-date knowledge base