Sr. Security Engineer

at  Bricks Technologies Systems

EXPERIENCE

: 7 to 10 Years

DESCRIPTION

The Sr. Security engineer is responsible for providing expert guidance in
designing, implementing, and reviewing security architectures across a
wide range of technologies and environments. This role involves
developing secure solutions for applications, infrastructure, and network
environments, including Web Application Firewalls, IPS, Database
Activity Monitoring (DAM), Privileged Access Management (PAM),
Network Access Control (NAC), Mobile Device Management (MDM),
Secure Remote Access, and Patch Management. A key focus will be on
applying Zero Trust Architecture principles and integrating supporting
technologies to maintain robust security standards.

Security Architecture and Engineering:

• Develop security architecture blueprints for new and existingsystems, ensuring alignment with the organization’s overall securitystrategy.
• Design and implement secure solutions that cover Web ApplicationFirewalls (WAF), Intrusion Prevention Systems (IPS), DatabaseActivity Monitoring (DAM), Privileged Access Management (PAM),Network Access Control (NAC), Mobile device management(MDM). and Secure Remote Access.
• Integrate DDoS prevention, ransomware protection, and other threatmitigation strategies into design frameworks
• Oversee the deployment of security architectures, ensuring smoothimplementation and minimizing disruption to operations.
• Collaborate with other IT and security teams to ensure the correctconfiguration of security technologies like IPS, PAM, and EndpointSecurity solutions
• Conduct at least quarterly reviews and updates of existing securitydesigns to incorporate the latest threat intelligence and securitytrends.
• Ensure all designs are compliant with internal and external securitystandards, including ISO 27001, NIST, GDPR, and other relevantregulations.Implementing zero trust architecture and framework:
• Develop and communicate a Zero Trust Architecture roadmap,covering phased implementation across applications, infrastructure,and network layers.
• Conduct security posture assessments to identify vulnerabilities,gaps, and areas for Zero Trust integration.
• Design and implement robust authentication and authorizationprotocols (e.g., MFA, SSO) to enforce least privilege and verifyevery access attempt.
• Apply micro-segmentation strategies to control and limit lateralmovement within the network.

Implementing zero trust architecture and framework:

• Develop and communicate a Zero Trust Architecture roadmap,covering phased implementation across applications, infrastructure,and network layers.
• Conduct security posture assessments to identify vulnerabilities,gaps, and areas for Zero Trust integration.
• Design and implement robust authentication and authorizationprotocols (e.g., MFA, SSO) to enforce least privilege and verifyevery access attempt.
• Apply micro-segmentation strategies to control and limit lateralmovement within the network.
• Implement and manage continuous monitoring and anomalydetection to identify, isolate, and respond to suspicious activities inreal-time.
• Collaborate with IT and DevOps teams to integrate ZTA in new andexisting systems without compromising performance.
• Educate stakeholders and train IT staff on Zero Trust principles andspecific security controls.
• Maintain and update the Zero Trust model as security threats evolveand new solutions are introduced
• Reduce mean time to detect (MTTD) and mean time to respond(MTTR) to threats by 30% within the Zero Trust environment

REQUIREMENTS

• Bachelor of Science in Computer Science, Cybersecurity, or a relatedfield
• Minimum 5 – 7 years of experience application security or a relatedfield
• Relevant certifications (e.g., CISSP, TOGAF, AWS Security / AzureSecurity AZ500) are highly desirable.
  Apply Now
  Powered By

Please refer the Job description for details