Our Client is an International Payment Solutions Company with offices around the globe an they are looking for a Security Engineer to join the team based in their very modern office in Nicosia.
Review system configurations to identify security gaps against Security Policies.
Play a key role and collaborate with DevOps to design and implement fit-for-purpose security solutions, following security best practices.
Review/Audit of security controls to ensure their applicability of design and operational effectiveness.
Authoring of good quality documentation to support business process and procedures.
First line of response, and working closely with DevOps and CSO, for security incidents, including co-ordination and subsequent post-incident clean up and investigation activities.
Assist in the process and completion of all audit activity (ISO, PCI, and other possible financial regulatory requirements).
Operation and maintenance of corporate security tools, including native cloud tools.
Further develop the operational capability of the Chief Security Office and educate end-users in security best practices.
At least 3 years in an Information/Cyber Security role.
Knowledge of information security frameworks, domains and principles, for examples CIS Critical Controls, ISO27001/2, ISF, NIST, etc.
Industry security certifications are preferred – Security+, SANS GIAC, CISSP, ISACA Certs, etc.
Previous experience with Security Governance and Risk Management.
Experience in the finance/banking sector would an advantage, but not necessary.
Excellent written and verbal communication skills, and stakeholder management experience.
Be subject to a National Police Records Check.
Proficiency with both Windows and Linux operating systems, able to identify configuration weaknesses and the ability to troubleshoot potentially compromised systems.
Good understanding or awareness of the OWASP Top 10 to comfortably engage with our developers or audit reports.
Good understanding of a broad range of cyber threats, including malware, DDoS, Phishing, MitM Attacks, Ransom ware, Data Leakage, etc.
Experience with performing vulnerability assessments and prioritising remediation efforts.
Awareness of the Cyber Kill Chain and the Mitre ATT&CK Framework.
Must have previously worked with next-gen Firewalls (Palo Alto preferred), WAF, EDR and IAM solutions.
Strong understanding of privileged user management (PAM) principles and tooling.
Experience with cloud technology solutions with AWS and Azure preferred.
SIEM experience is a bonus.
Knowledge of ITIL framework and processes.
Salary: Salary based on skills and previous experience plus excellent benefits