Facebook-f Linkedin-in Instagram
About Us Services Jobs Contact

Log in/Create account

close

Security Engineer

Apply now
Industry

IT Services

Type

Contract

Country

Remote

City

Remote

Security

Not Needed

Company

CMRE

Essential Qualifications/Experience:

·       Experience in the design or implementation of security controls within a formal security management framework (e.g. ISO 27000, NIST SP-800 series, or other national equivalents)

·       Advanced knowledge of security systems including one or more of these domains: anti-virus applications, content filtering, firewalls, authentication systems, vulnerability management solutions, IDS/IPS, DLP, SIEM platforms

·       Experience in supervision of technical teams or managing security projects

·       Experience of preparing technical documentation and Standard Operating Procedures

·       Bachelor’s degree at a nationally recognised/certified university in a related discipline (Computer Engineering, Computer Science,…) and 3 to 5 years post-related experience (junior/senior)

Desirable Qualifications/Experience:

·       Master’s Degree, at a nationally recognized/accredited university in in a related discipline (Computer Engineering, Computer Science, …)

·       Experience with NATO or national Security Accreditation process

·       Security management certifications (e.g. CISSP, CRISC, CISM, or equivalent)

·       Technical certifications relevant to the post (e.g. GIAC, CCNP-Security, CompTIA Security+, or equivalent)

·       Advanced knowledge of web application security including OWASP Top 10, secure SDLC, authentication/authorization mechanisms, API security, and web application security

·       Experience implementing security controls in Databricks environments on Microsoft Azure including Unity Catalog, workspace security, cluster policies, secret scopes, network isolation (VNet injection, private endpoints), and secure data access patterns

·       Experience conducting web application penetration testing and security assessments

·       Experience with container security and orchestration platforms

·       Experience with design, implementation and management of networks based on Cisco technologies

·       Experience with configuration and management of network monitoring and event management systems (e.g. Splunk or Solarwinds)

·       Experience with security incident management

·       Experience with NATO security policies

·       Experience with security risk management

 

DUTIES/ROLE:

·       Provides professional contributions to assist in achieving and maintaining security accreditation for CMRE systems and applications, data acquisition, processing and storage, and their interfacing with other CIS, across the life cycle (development, implementation, operation, enhancement, withdrawal from service)

·       Within a project structure, advises on cost-effective countermeasures to minimize the security risks anticipated during the development and operation phases of the CIS life cycle

·       Within a framework of security accreditation, implements and operates the prescribed security controls under the supervision of the CIS Provider and the under the control of Security Staff

·       Documents the architecture, configuration and security posture of CIS in use within CMRE to inform the risk management activities of the Security Organization

·       Implements security best practices and security controls, under the supervision of the CIS Provider

·       Plans, implements and upgrades CIS

·       Analyses security breaches to determine their root cause

·       Contributes to define, implement and maintain corporate security policies

·       Supervises and manages Technical Teams as required

·       Undertakes security testing, in accordance with an agreed Security Testing & Verification (ST&V) Plan

·       Supports the CIS Provider in the formulation of Security Operating Procedures (SecOPs) for the CIS

·       Contribute to the maintenance of configuration baselines through configuration management and change control

·       Supports the CIS Provider in undertaking periodic vulnerability assessments, under the control of Security staff and in accordance with the requirements of the Security Accreditation Authority

·       Provides regular training and awareness to other project staff

·       Supports periodic security audits performed by Security Staff and the Security Accreditation Authority

 

Job requirements

All the mandatory requirements have to be met in order to apply.

• Experience in the design or implementation of security controls within a formal security management framework (e.g. ISO 27000, NIST SP-800 series, or other national equivalents) (Mandatory)
• Advanced knowledge of security systems including one or more of these domains: anti-virus applications, content filtering, firewalls, authentication systems, vulnerability management solutions, IDS/IPS, DLP, SIEM platforms (Mandatory)
• Experience in supervision of technical teams or managing security projects (Mandatory)
• Experience of preparing technical documentation and Standard Operating Procedures (Mandatory)
• Bachelor’s degree at a nationally recognised/certified university in a related discipline (Computer Engineering, Computer Science,…) and 3 to 5 years post-related experience (junior/senior) (Mandatory)
• Masters Degree, at a nationally recognized/accredited university in in a related discipline (Computer Engineering, Computer Science, …) (Nice to have)
• Experience with NATO or national Security Accreditation process (Nice to have)
• Security management certifications (e.g. CISSP, CRISC, CISM, or equivalent) (Nice to have)
• Technical certifications relevant to the post (e.g. GIAC, CCNP-Security, CompTIA Security+, or equivalent) (Nice to have)
• Advanced knowledge of web application security including OWASP Top 10, secure SDLC, authentication/authorization mechanisms, API security, and web application security (Nice to have)
• Experience implementing security controls in Databricks environments on Microsoft Azure including Unity Catalog, workspace security, cluster policies, secret scopes, network isolation (VNet injection, private endpoints), and secure data access patterns (Nice to have)
• Experience conducting web application penetration testing and security assessments (Nice to have)
• Experience with container security and orchestration platforms (Nice to have)
• Experience with design, implementation and management of networks based on Cisco technologies (Nice to have)
• Experience with configuration and management of network monitoring and event management systems (e.g. Splunk or Solarwinds) (Nice to have)
• Experience with security incident management (Nice to have)
• Experience with NATO security policies (Nice to have)
• Experience with security risk management (Nice to have)
Apply to the job
Overview
Details
Requirements
Apply