IT Security Engineer-Repost Full-time Job

Job Purpose:

The IT Security Engineer will protect systems and data by defining system security requirements, implementing security controls, and ensuring their effective operation. They conduct regular audits to identify vulnerabilities, implement security measures, and respond to security incidents to maintain confidentiality, integrity, and availability.

Key Responsibilities:

Security Monitoring and Incident Response:

Continuously monitor security systems, analyze alerts, and investigate potential security incidents.

Lead the incident response process, coordinating with cross-functional teams to contain, eradicate, and recover from security incidents.

Develop and maintain incident response plans, playbooks, and procedures.

Conduct post-incident analysis to identify root causes and implement corrective actions.

Security Assessments and Vulnerability Management:

Conduct regular security assessments and penetration testing to identify vulnerabilities in systems and applications.

Evaluate and recommend security tools and technologies to improve the organization's security posture.

Manage and maintain vulnerability scanning tools and processes.

Develop and implement vulnerability remediation plans, prioritizing and tracking remediation efforts.

Security Architecture and Design:

Participate in the design and review of IT infrastructure and applications to ensure security requirements are integrated from the outset.

Develop and maintain security architecture standards and guidelines.

Evaluate and recommend security controls for cloud environments, ensuring compliance with industry best practices and regulatory requirements.

Security Awareness and Training:

Develop and deliver security awareness training programs for employees.

Communicate security best practices and promote a security-conscious culture throughout the organization.

Stay up to date with the latest security threats, vulnerabilities, and technologies.

Compliance and Governance:

Ensure compliance with relevant security standards and regulations (e.g., PCI DSS, ISO 27001).

Assist in the development and maintenance of security policies, standards, and procedures.

Conduct regular audits to verify compliance with security policies and standards.

Requirements:

Education:

Bachelor's degree in Computer Science, Information Security, or a related field.

Certifications:

Relevant security certifications (e.g., CISSP, CISM, Security+, CEH) are highly desirable.

Experience:

5-7 years of experience in IT security, with a focus on security engineering and incident response.

Technical Skills:

Strong understanding of security principles, technologies, and best practices.

Experience with security tools and technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability scanners, and endpoint security solutions.

Experience with cloud security and compliance frameworks.

Proficiency in scripting and automation languages (e.g., Python, PowerShell).

Soft Skills:

Excellent communication, collaboration, and problem-solving skills.

Ability to work independently and as part of a team.

Strong analytical and critical thinking skills.

Ability to prioritize and manage multiple tasks simultaneously.

Strong attention to detail.

Other Skills:

Knowledge of regulatory requirements and compliance frameworks (e.g., PCI DSS, ISO 27001).

Experience with threat modeling and risk assessment methodologies.

Knowledge of network protocols and security.

Experience with data loss prevention (DLP) technologies.

Umniah, a subsidiary of Batelco Bahrain, started its operations in Jordan in 2005. The company is considered one of the fastest-growing and most reliable telecom operators in the Jordanian market, offering a diverse array of high-quality telecom services including mobile, internet, and enterprise solutions.