level-up-2
Information Security Engineer
Job description
The Information Security Engineer is responsible for safeguarding the organisation's information systems against unauthorised access, modification, or destruction. This role combines hands-on security operations with the design and implementation of secure network and system architectures, ensuring proactive threat detection and effective incident response.
Key Responsibilities
Security Architecture & Engineering
- Design, implement, and maintain robust security infrastructure across the organisation.
- Develop and deploy secure network architectures and system configurations aligned with best practices.
- Implement and manage security tools and platforms to protect systems and data.
Monitoring & Threat Management
- Perform continuous monitoring of networks and systems to detect potential threats.
- Conduct regular security assessments, vulnerability scans, and penetration testing.
- Ensure rapid identification, analysis, and response to security incidents.
Incident Response & Risk Mitigation
- Establish and maintain incident response protocols and procedures.
- Investigate security breaches and implement corrective actions to prevent recurrence.
- Develop automated solutions to mitigate vulnerabilities and streamline security operations.
Collaboration & Governance
- Work closely with IT teams to define and enforce security standards, controls, and configurations.
- Support the selection and deployment of security technologies aligned with business needs.
- Ensure compliance with internal policies and relevant regulatory requirements.
Training & Awareness
- Educate and train staff on information security policies, procedures, and best practices.
- Promote a security-first culture across the organisation.
Qualifications & Experience
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Relevant certifications preferred: CISSP, CISM, CEH, CompTIA Security+, GSEC , or similar.
- Proven experience as an Information Security Engineer or in a similar role.
- Hands-on experience with penetration testing and security assessment techniques.
- Strong understanding of firewalls, proxies, SIEM, antivirus, and intrusion detection/prevention systems (IDPS).
- Experience identifying, analysing, and mitigating network vulnerabilities.
- Working knowledge of programming/scripting languages such as Python, SQL, Perl, Ruby, or Go .
Skills & Competencies
Technical Skills
- Strong knowledge of networking protocols and infrastructure (routing, firewalls, IDS/IPS, encryption, load balancing).
- Experience with Active Directory and Linux system administration .
- Proficiency with vulnerability management and security tools (e.g. Greenbone, OpenVAS, Nessus, Intune, PingCastle ).
- Up-to-date knowledge of cybersecurity trends, threats, and risk management practices.
Behavioural Competencies
- Strong analytical and problem-solving abilities.
- Ability to work effectively under pressure and respond to incidents accurately.
- Excellent communication and presentation skills.
- Ability to translate complex technical concepts for non-technical stakeholders.
- Strong project management and prioritisation skills.


