Security Engineer

Key Responsibilities

• Lead investigation and response for complex or high-impact security incidents, including coordination across cross-functional teams.
• Oversee daily security operations to ensure timely detection, triage, and resolution of security alerts and incidents.
• Drive improvements in detection coverage, including tuning alerts, queries, and dashboards across SIEM (Elastic) and EDR platforms.
• Develop and enhance incident response processes, playbooks, and operational workflows.
• Work with IT and business stakeholders to implement remediation actions and strengthen security controls.
• Oversee vulnerability management prioritisation and remediation tracking with system owners.
• Identify and implement automation and workflow improvements to improve operational efficiency.
• Mentor and guide engineers, supporting knowledge sharing and capability development within the team.
• Ensure accurate incident documentation, reporting, and post-incident reviews are conducted.
• Oversee and contribute to weekly and monthly security operations reporting, including metrics, incident trends, and improvement actions.
• Participate in on-call escalation support for critical incidents.

Requirements

• Degree in Information Security, Computer Science, IT, or equivalent practical experience.
• Proven experience in security operations, incident response, or security engineering roles.
• Strong hands-on experience with SIEM (preferably Elastic) and EDR platforms.
• Solid experience with CrowdStrike Falcon EDR, including RTR, IOA detections, investigation, and response actions.
• Strong understanding of incident response methodologies, attack techniques, and threat detection.
• Experience coordinating incident response across multiple teams.
• Strong knowledge of operating systems (Windows, Linux, macOS) and networking fundamentals.
• Ability to analyse complex security events and drive resolution.