Network Security Engineer

Full job description

Position Purpose

The Security Engineer is responsible for designing, implementing, and maintaining the organization’s security infrastructure to protect systems, networks, and data from internal and external threats. This role plays a critical part in safeguarding the confidentiality, integrity, and availability of enterprise information assets by proactively identifying vulnerabilities, responding to incidents, and ensuring compliance with security policies and regulatory requirements.

The Security Engineer collaborates closely with IT, DevOps, and Risk Management teams to integrate security best practices into the software development lifecycle, infrastructure design, and operational processes. This position requires a strong technical background, analytical mindset, and a proactive approach to threat detection and mitigation.

Duties and Responsibilities

• Configure and tune SIEM Solution in alignment with Sagicor’s attack surface.
• Evaluate, test and implement security policies and security filters to ensure we are getting the most out of the security products.
• Develop and update operational and incident response playbooks.
• Perform vulnerability assessments and scanning.
• Assist in security incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
• Implement solutions in alignment with security roadmap to address threat models and organizational risks.
• Review events and unusual activity of note for further incident response investigation.
• Maintain up-to-date documentation including security documentation, diagrams, procedures, and policies.
• Perform postmortem/root cause analysis, identify areas of improvement and provide recommendations based on findings.
• Review of current controls within the organization and test their effectiveness.
• Conduct internal penetration testing, simulating an attack on the system to find exploitable weaknesses and effectiveness of controls.
• Responsible for implementing best practices and industry leading security methods across all information system platforms.
• Recommends and implements security policies in direct co-ordination with Sagicor’s envisaged plan.
• Performs any other duties as assigned.

Qualifications

• Bachelor’s Degree (BSc.) in computer science, software engineering, cybersecurity or equivalent and at least five (5) years’ relevant experience.
• Network engineer certifications such as CCNP Security (Cisco Certified Network Professional Security), OSCP, CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional), and GIAC Security Certifications.
• Sound understanding of project management methodologies and techniques.
• Real world experience with network architecture, telephony architecture, datacenter design, back-office systems, and SOA architecture design.
• Strong ability to create followership as well as demonstrate impact and influence skills.
• Knowledge of emerging technologies that are pushing the technology envelope.
• Good ability to analyze information related to computer technology to assist in directing company management in the selection of software and hardware to meet the needs of the organization.
• Good working knowledge of TQM or other quality programs (Six Sigma, Lean, Total House of Quality, etc.) along with a solid understanding of root cause analysis.
• Good written and verbal communication skills along with excellent administrative and organizational skills.
• Ability to exercise strong judgment in analyzing, appraising, evaluating and solving problems of a difficult procedural, organizational, administrative or technical nature.
• Scripting in any major language (Python, PowerShell, Java Script etc.)
• Proven work experience as a network security engineer or information security engineer. Experience in creating and maintaining security systems.
• Thorough understanding of the latest technologies, security principles, and protocols.
• Experience with security systems, intrusion detection systems, firewalls, anti-virus software, log management, authentication systems, content filtering, etc.
• Understanding of the web-related terminologies and software such as web applications, web related protocols, service-oriented architectures, and web services.
• Ability to work under pressure and stressful scenarios. Ability to communicate and report security incidents and issues to the upper management.
• Knowledge of computer forensic tools, data loss prevention methods, and disaster recovery methods.
• Previous experience within a financial services environment would be an asset.

Sagicor Life Insurance Company is an Equal Opportunity Employer. All qualified applicants will be considered for employment regardless of race, color, age, national origin, religion, sex, gender identity or expression (including transgender status), military or veteran status, physical or mental disability, sexual orientation, genetic information, pregnancy, childbirth or related medical conditions, or any other status protected under applicable federal, state, or local law.