Senior Information Security Engineer

Responsibilities

• Maintain and continuously improve the Information Security Management System (ISMS) in accordance with ISO/IEC 27001
• Develop, review, and maintain security policies, procedures, standards, and supporting documentation
• Coordinate internal, external, and surveillance audits, including corrective action tracking
• Conduct risk assessments and support risk treatment planning activities
• Perform vendor and third-party security assessments
• Manage vulnerability assessment and remediation activities in collaboration with development and infrastructure teams
• Monitor and investigate security events generated from SIEM, EDR/XDR, and other security solutions
• Support incident response activities and coordinate with relevant stakeholders during security incidents
• Generate security metrics, reports, dashboards, and management updates

Requirements

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field
• 5 years of experience in Information Security, Cybersecurity, GRC, or Security Operations
• Demonstrated hands-on experience with ISO/IEC 27001 implementation and audit activities
• Experience with SIEM platforms such as Wazuh or similar solutions
• Experience with vulnerability management tools such as Nessus, OpenVAS, or equivalent
• Familiarity with EDR/XDR solutions such as SentinelOne or similar technologies
• Strong understanding of information security governance, risk management, and compliance principles

Preferred Qualifications

• ISO/IEC 27001 Lead Implementer or Lead Auditor certification
• CISM, CISSP, or CEH certifications
• Knowledge of industry frameworks such as NIST CSF, CIS Controls, and OWASP

About the Company

Strategic Systems International is dedicated to creating a workplace where every voice is heard and every person is respected. We value diversity and inclusion, striving to build a culture of belonging where everyone has the opportunity to succeed.