Position: Security Engineer

Department: I.T. Services   

Reports To: CIO

Location: Larnaca - Cyprus

As a member of the HFM Infrastructure Security team the Security Engineer will play a vital role in the process of risk assessment, security analysis and protection of different corporate assets from unauthorized access and activities.

RESPONSIBILITIES & DUTIES

• Monitoring and maintaining the current security solutions in order to identify potential unauthorized activities across the environment
• Evaluating and implementing new security tools in order to solve specific use cases, improve current visibility or enhance existing security processes.
• Assisting with different ongoing security projects and campaigns related to endpoint and network security solutions.
• Participate in, analyse and improve existing incident response processes
• Identifying current and emerging technology issues including security trends, vulnerabilities and threats
• Conducting proactive research to analyse security weaknesses and recommend appropriate strategies
• Participate in planning, development and implementation of the company’s information security strategy and established security best practices.
• Assisting and troubleshooting different security issues

REQUIREMENTS

• An enthusiasm and passion for staying up to date with the very latest updates about security threats and solutions
• Knowledge on best practice configurations and Security Frameworks such as CIS Controls
• Knowledge on Active Directory and general Linux administration
• Expertise across a variety of security products including firewalls, URL filtering, information security and virus protection
• Experience with open source penetration testing tools such as Metasploit, Burp, password crackers, phishing simulation tools and others (KingPhisher, GoPhish)
• Experience with implementation and management of security solutions such as Endpoint Detection and Response (EDR), Antivirus/HIPS, SIEM, DLP, Mail filtering and others.
• Experience with building of custom rules to stop custom unauthorized behaviour
• Experience with malware investigation, troubleshooting and analysis of samples
• Understanding of MITRE ATT&CK framework
• Knowledge on common attacks and typical malicious abnormal patterns and potential ways to prevent/monitor them – LolBin activities, ransomware infections, brute force, password spraying events and others
• Experience with incident response processes and related tools
• Certifications such as SANS GIAC, OSCP or other hands on blue team/red team courses will be plus

BENEFITS

A very competitive remuneration and benefits package is offered to all successful candidates including 13th salary, in addition to the opportunity to work within an exciting and engaging work environment where you will be given the tools and guidance to reach your full potential.