Security Engineer at Sama

About The Job

Sama is a worldwide technology company and is looking for a seasoned Security Engineer to join the Sama IT team. Our focus is the design, implementation and delivery of solutions as part of corporate cybersecurity strategy and roadmap.

Do you enjoy solving complex security problems? As a Security Engineer in Sama, you will be responsible for the security posture and performance of the company's IT infrastructure and a subject matter expert in the area of security design.

Key Responsibilities

• Recommend, evaluate and design cybersecurity solutions that meet security requirements, current state constraints and alignment to target state architecture;
• Outline functional and non-functional requirements for security solutions and participate in the software selection & acquisition processes;
• Provide security leadership by clearly presenting security architecture plans and their respective value to IT and business stakeholders;
• Perform hands-on gap or risk assessments to identify significant information security risks (including applications, systems, data centers, infrastructure and vendor security risk assessments) to determine the organizational risk posture.
• Help Infrastructure engineers deploy secure systems by advising on security practices and controls.
• Be responsible for the implementation and ongoing development of a robust security governance process that ensures projects adhere to corporate security architecture, best practices and standards;
• Develop expertise in different security domains Cloud Security, Data Security, Endpoint Protection, Mobile device security and IAM.
• Designing and updating correlation rules in the Sama SIEM based on client security controls and cyber threat circumstances. Create/maintain correlation guidelines and review process.
• Be an Incident Response Manager and troubleshoot security incidents, correlation rules creation/update and other issues related to log ingestion and monitoring.
• Determine security requirements by evaluating business strategies and requirements; researching information security frameworks; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing effort estimates.
• Define security strategies by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; completing documentation.
• Lead internal & external security audits and ensure compliance, Manage remediation efforts and track the completion status of deficiencies.
• Help monitor technology trends in cybersecurity and security architecture.

Minimum Qualifications

• Bachelor's Degree, preferably in Computer Engineering, Computer Science or related field;
• 3+ years’ experience with security solution architecture and design;
• 5+ years experience in one or more of the following security domains: Cloud Security, Data Security, Endpoint Security;
• Hands-on experience with popular Cloud Vendors and technologies such as AWS, GCP.
• Experience in implementing Zero-Trust Architecture tools and designs.
• Proven experience in implementing and supporting enterprise-grade security platforms, software and infrastructure.
• Experience with different elements ensuring network security (firewalls, proxies, etc.)

Good To Have

• Experience with security standards such as ISO 27001/27002/27005, NIST, COBIT and ITIL Certified auditor is a plus.
• Security-related technical certifications (CISSP, CRISC, CBCP, CISA, CISM or equivalent).
• Experience managing a SOC team