Security Engineer (Infrastructure) - ESK Agency
18 hours ago
Málaga
ph3Your mission /h3 pAs an bInfrastructure Security Engineer /b, you will join our global information security team to bdesign, deploy, and maintain security controls /b for our bprivate cloud and on-premises infrastructure /b. Your role is critical in protecting our bservers, networks, and data centers /b from internal and external threats, ensuring operational resilience while enabling the organization to function securely. /p pYou will have full responsibility for the bengineering, maintenance, and day-to-day operations /b of security systems that protect our bdata and IT assets /b, with a focus on bpractical, hands-on implementation /b and continuous improvement. /p h3What You Will Do /h3 h3Design, Deployment, and Maintenance of Security Controls in a hybrid environment /h3 ul li pEngineer, deploy, maintain and improve bsecurity technologies /b, including: /p ul lipbWAF /b, bIDS/IPS /b, and bendpoint protection platforms /b (e.g., CrowdStrike, Cortex, SentinelOne). /p /li lipbSIEM solutions /b (e.g., Splunk, QRadar, ELK) for log aggregation, correlation, and alerting. /p /li lipbVulnerability management platforms /b for scanning, patching, and remediation. /p /li /ul /li li pAutomate routine security tasks (e.g., vulnerability scanning, patch management, configuration compliance) using bscripting (Python, Bash, PowerShell) /b and binfrastructure-as-code tools (Ansible, Terraform) /b. /p /li li pImprove infrastructure for bnew vulnerability scanning capabilities /b, ensuring comprehensive coverage of on-premises assets. /p /li /ul h3Operational Security and Incident Response /h3 ul li pLead the boperational management /b of security systems, ensuring high availability and rapid response to bsecurity product malfunctions /b (e.g., WAF latency, SIEM failures). /p /li li pAct as the bSecurity Subject Matter Expert (SME) /b in infrastructure projects, identifying security requirements, reviewing low-level designs, and shaping secure solutions. Also to provide support on all the different products and tools managed by the team for internal and external clients. /p /li li pProvide bon-call support /b exclusively for security product outages, including troubleshooting analysis and remediation for infrastructure-related issues. /p /li /ul h3Security Posture Improvement /h3 ul li pDrive the bsecurity roadmap /b for infrastructure, identifying gaps, proposing improvements, and implementing controls to mitigate risks. /p /li li pCollaborate with IT and operations teams to integrate security into bchange management, support cycles, and disaster recovery planning /b. /p /li li pDeploy and configure bnew security products /b (e.g., SOAR, HSM) from initial setup to knowledge transfer for the bSecurity Operations team /b. /p /li /ul h3Documentation and Knowledge Sharing /h3 ul li pMaintain bdetailed documentation /b for security systems, policies, and procedures. /p /li li pStay current with bemerging threats and vulnerabilities /b relevant to infrastructure and share knowledge within the team. /p /li /ul h3What you’ll bring /h3 pbMinimum 3 years of hands-on experience /b in bon-premises/hybrid infrastructure security /b, with a focus on: /p ul li pbDesign, deployment, and support /b of security technologies: Firewalls (e.g., Palo Alto, Fortinet), IDS/IPS, EPP/EDR (e.g., CrowdStrike, SentinelOne), SIEM (e.g., Splunk, QRadar), and vulnerability management platforms. /p /li li pbHardening and securing /b Windows/Linux servers, network devices, and physical data centers. /p /li li pbAutomation and scripting /b for security operations (Python, Bash, PowerShell, Ansible, Terraform). /p /li li pbHybrid environment security /b: Applying security controls to infrastructure and integrating with private/public cloud services. /p /li /ul pbPractical knowledge /b of: /p ul li pbSecurity controls /b: Network segmentation, access control, logging/monitoring, and incident response. /p /li li pbIndustry standards /b: NIST, MITRE, CIS benchmarks, ISO 27001, and ITIL change management processes. /p /li li pbSecurity appliance management /b: Configuration, troubleshooting, and lifecycle management of physical/virtual security appliances, Windows and Linux server administration. /p /li /ul pbRequired personal skills /b /p ul li pbTeam player /b: Reliable, collaborative, and supportive in a global team environment. /p /li li pbPassion for learning /b: Committed to staying ahead of bsecurity threats /b and evolving technologies. /p /li li pbSelf-organized /b: Ability to manage multiple tasks, prioritize effectively, and meet deadlines in a fast-paced environment. /p /li li pbConfidentiality /b: Strict adherence to handling sensitive company and personnel data. /p /li li pbStrong communication /b: Excellent technical writing and verbal skills in English; ability to explain complex security concepts to non-technical stakeholders. /p /li /ul pbEducation/Certifications: /b /p pbNon-essential but an asset /b /p ul liDegree in Computer Science, Cybersecurity, or related field (or equivalent experience). /li liSecurity certifications: Comptia Security +, CCNA CyberOps, Vendor related certifications. /li /ul /p #J-18808-Ljbffr