- Company Name: Proda Technology
- Job Title: Security Engineer
- Job Description:
**Job Title:** Security Engineer
**Role Summary:**
Execute and advance information security programs for the organization and its clients, ensuring alignment with business objectives and industry best practices.
**Expectations:**
Deliver proactive risk assessments, governance, compliance, incident response, and vendor risk management. Communicate security risks and recommendations in clear, business‑focused language and foster a security‑aware culture.
**Key Responsibilities:**
- Implement and support cybersecurity strategy, aligning initiatives with business goals.
- Conduct risk assessments, vulnerability analyses, and maintain risk registers.
- Develop and update security policies, standards, and procedures under frameworks such as NIST, HIPAA, SOC 2, and CIS.
- Participate in audit readiness, evidence collection, and remediation tracking.
- Coordinate incident response activities, maintain playbooks, and document investigations.
- Lead security awareness training and promote a security‑first mindset.
- Oversee security operations: SIEM alerts, endpoint protection, network security tools, vulnerability scan reviews.
- Assess third‑party vendor security posture, support due diligence, and monitor contractual requirements.
- Prepare and present security reports to senior management, translating technical findings into business language.
**Required Skills:**
- Networking, endpoint, identity & access, vulnerability, and data‑center security fundamentals.
- Risk assessment, governance & compliance (ISO, NIST, SOC 2) experience.
- Incident response, SIEM, MDR, EDR management.
- Client‑facing advisory and consulting.
- Strong documentation, analytical, troubleshooting, and time‑management abilities.
- Excellent written and verbal communication, adaptable to diverse audiences.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- 3+ years at a Managed Services Provider.
- 7+ years in security engineering, operations, or consulting.
- Preferred certifications: CISSP, CISM, CRISC, CISA.