Security Engineer, Group Tech

Overview:

The Security Engineer is a critical role responsible for driving and executing the security engineering strategy across the organization. This individual will play a key role in designing, implementing, and maintaining secure systems, applications and infrastructure. The ideal candidate is a highly motivated and experienced security professional with a strong understanding of security best practices, emerging threats, and modern technologies. This role reports to the Head of Security Advisory.

Responsibilities: Technical (80%)

• Design and implement new security solutions and enhancements to existing controls for secure architectures for applications, systems, and infrastructure, including cloud, on-premises, and hybrid environments.
• Develop architectural artifacts and proactive solution architecture to solve complex business problems based on yearly roadmap planning, incoming security work and domain needs.
• Design, implement, and maintain security controls, including Firewalls, Web Application, Firewalls (WAF), Endpoint Detection and Response (EDR) solutions (e.g., FireEye), Intrusion Prevention Systems (IPS), and Network Access Control (NAC) systems.
• Contribute to the execution of security technology refresh initiatives, ensuring systems remain secure and performant.
• Develop and implement automated security controls and processes, such as ID management, vulnerability scanning, threat intelligence feeds, and security information and event management (SIEM) rules, to improve efficiency and scalability.
• Contribute to incident response activities and participate in threat hunting exercises to identify and mitigate emerging threats.
• Design and deploy robust, scalable security tools and infrastructure to automate risk reduction and enhance the organization's defence posture.
• Design, implement, and maintain security controls across the network infrastructure, including firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), VPNs, and Web Application Firewalls (WAFs).
• Develop and enforce network segmentation strategies, Zero Trust principles, and access control policies (e.g., NAC).
• Manage and optimize network logging infrastructure for effective monitoring and threat hunting.

Leadership (20%):

• Provide Subject Matter Expertise to internal and external stakeholders. Collaborate with business and internal customers to understand their security needs and design tailored solutions that address their challenges.
• Participate on various projects and initiatives providing security guidance and direction while ensuring adherence to security policies and standards.

Skills & Experience We Are Looking For:

• Bachelor's Degree in Computer Science, Information Security, or a related field.
• 5 to 7 years experience in information security with at least 3 to 5 years in a security engineering role.
• At least 3-5 years in a dedicated security technical consulting and leadership capacity, preferably within the financial services industry.
• Strong understanding of security principles, including threat modelling, risk assessment, and vulnerability management.
• Proven hands-on experience and in-depth knowledge of managing and operating a wide range of security technologies (e.g., Firewalls, WAF, IPS/IDS, Endpoint Security, NAC, SIEM integration).
• Strong knowledge of IPv4/IPv6, switching technologies, routing protocols, TCP/IP, DNS, DHCP, ARP, VLAN, and subnetting.
• Problem solver who can work independently and collaboratively with support available when needed

For more job opportunities, please go to HLB Careers: https://hlb.wd3.myworkdayjobs.com/HLBCareers/

We appreciate your application and will be in touch with shortlisted candidates regarding next steps.