ICT Security Engineer

·       Perform scheduled and ad-hoc vulnerability scans using VMS

·       Validate remediation of vulnerabilities identified by VMS

·       Analyze scan results, validate findings, and eliminate false positives

·       Prioritize vulnerabilities based on CVSS scores and organizational risk context

·       Coordinate with system owners to validate fixes, perform rescans, and ensure closure within SLA timelines

·       Track remediation progress and generate regular vulnerability reports

·       Track compliance with patching SLAs

·       Perform host configuration reviews(e.g., CIS benchmarks)

·       Maintain and update scan policies, plugins, and configurations

·       Monitor security events and logs using Splunk

·       Develop and fine-tune search queries, dashboards, and alerts

·       Perform log reviews to identify anomalies, suspicious patterns, and threats

·       Correlate logs across multiple sources (servers, firewalls, endpoints, applications)

·       Investigate alerts and escalate confirmed incidents

·       Prepare audit artifacts such as vulnerability reports, log review records

·       Maintain SOPs for vulnerability scanning and log monitoring processes

·       Assist in system hardening and patch validation after vulnerability remediation

·       Assist in improving security controls and system hardening

·       Stay updated on emerging vulnerabilities and threat intelligence

·       Hands-on experience with Nessus (scan configuration, report analysis)

·       Understanding of vulnerability scoring (CVSS), patching, and risk prioritization

·       Familiarity with log sources: Windows Event Logs, Linux sys logs, firewall logs, application logs

·       Conduct periodic reviews of privileged and administrative accounts across systems and applications

·       Investigate suspicious activities such as privilege escalation or abnormal admin actions

·       Ensure compliance with security policies and standards for privileged access

·       Provide security recommendations and guidance to technical teams during system changes or deployments

·       Support audit and compliance activities by liaising with stakeholders to gather required evidence

·       Ability to follow structured processes and compliance requirements

·       Good communication skills for working with system owners and auditors
Regret to inform you that only shortlisted candidates will be notified.

CEI: R1988671

EA License: 14C7275