Security Engineer (Infrastructure) - ESK Agency

Your mission

As an Infrastructure Security Engineer, you will join our global information security team to design, deploy, and maintain security controls for our private cloud and on-premises infrastructure. Your role is critical in protecting our servers, networks, and data centers from internal and external threats, ensuring operational resilience while enabling the organization to function securely.

You will have full responsibility for the engineering, maintenance, and day-to-day operations of security systems that protect our data and IT assets, with a focus on practical, hands-on implementation and continuous improvement.

What You Will Do

Design, Deployment, and Maintenance of Security Controls in a hybrid environment

• Engineer, deploy, maintain and improve security technologies, including:

  • WAF, IDS/IPS, and endpoint protection platforms (e.g., CrowdStrike, Cortex, SentinelOne).

  • SIEM solutions (e.g., Splunk, QRadar, ELK) for log aggregation, correlation, and alerting.

  • Vulnerability management platforms for scanning, patching, and remediation.

• Automate routine security tasks (e.g., vulnerability scanning, patch management, configuration compliance) using scripting (Python, Bash, PowerShell) and infrastructure-as-code tools (Ansible, Terraform).

• Improve infrastructure for new vulnerability scanning capabilities, ensuring comprehensive coverage of on-premises assets.

Operational Security and Incident Response

• Lead the operational management of security systems, ensuring high availability and rapid response to security product malfunctions (e.g., WAF latency, SIEM failures).

• Act as the Security Subject Matter Expert (SME) in infrastructure projects, identifying security requirements, reviewing low-level designs, and shaping secure solutions. Also to provide support on all the different products and tools managed by the team for internal and external clients.

• Provide on-call support exclusively for security product outages, including troubleshooting analysis and remediation for infrastructure-related issues.

Security Posture Improvement

• Drive the security roadmap for infrastructure, identifying gaps, proposing improvements, and implementing controls to mitigate risks.

• Collaborate with IT and operations teams to integrate security into change management, support cycles, and disaster recovery planning.

• Deploy and configure new security products (e.g., SOAR, HSM) from initial setup to knowledge transfer for the Security Operations team.

Documentation and Knowledge Sharing

• Maintain detailed documentation for security systems, policies, and procedures.

• Stay current with emerging threats and vulnerabilities relevant to infrastructure and share knowledge within the team.

What you’ll bring

Minimum 3 years of hands-on experience in on-premises/hybrid infrastructure security, with a focus on:

• Design, deployment, and support of security technologies: Firewalls (e.g., Palo Alto, Fortinet), IDS/IPS, EPP/EDR (e.g., CrowdStrike, SentinelOne), SIEM (e.g., Splunk, QRadar), and vulnerability management platforms.

• Hardening and securing Windows/Linux servers, network devices, and physical data centers.

• Automation and scripting for security operations (Python, Bash, PowerShell, Ansible, Terraform).

• Hybrid environment security: Applying security controls to infrastructure and integrating with private/public cloud services.

Practical knowledge of:

• Security controls: Network segmentation, access control, logging/monitoring, and incident response.

• Industry standards: NIST, MITRE, CIS benchmarks, ISO 27001, and ITIL change management processes.

• Security appliance management: Configuration, troubleshooting, and lifecycle management of physical/virtual security appliances, Windows and Linux server administration.

Required personal skills

• Team player: Reliable, collaborative, and supportive in a global team environment.

• Passion for learning: Committed to staying ahead of security threats and evolving technologies.

• Self-organized: Ability to manage multiple tasks, prioritize effectively, and meet deadlines in a fast-paced environment.

• Confidentiality: Strict adherence to handling sensitive company and personnel data.

• Strong communication: Excellent technical writing and verbal skills in English; ability to explain complex security concepts to non-technical stakeholders.

Education/Certifications:

Non-essential but an asset

• Degree in Computer Science, Cybersecurity, or related field (or equivalent experience).

• Security certifications: Comptia Security +, CCNA CyberOps, Vendor related certifications.