Objective: (summary about the position)Seeking a highly experienced Security Lead Engineer to lead the design, implementation, and continuous improvement of cybersecurity measures across our hybrid environment. This role requires overseeing infrastructure, application, and cloud security; managing threat detection and response systems; guiding the security posture of internally developed software; and ensuring regulatory compliance through GRC frameworks. The ideal candidate brings technical depth, leadership capabilities, and a proactive mindset to protect our digital assets and business operations.Responsibilities: Security Architecture & StrategyDesign, integrate, and maintain end-to-end security architecture for on-premises and cloud environmentsEnsure secure network topology including segmentation, access control, and VPN tunnelsLead development and enforcement of security policies, procedures, and best practicesWork closely with developers and IT architects to embed security into application and infrastructure design SOC, SIEM, and Threat ManagementOversee the operation and tuning of Security Operations Center (SOC) including SIEM platformsManage endpoint protection through EDR and threat-hunting solutionsManage and enhance email security systems to protect against phishing, malware, and spam, ensuring compliance with organizational security policiesLead incident response efforts and develop threat prevention strategies Application and Cloud SecuritySupervise vulnerability scanning and penetration testing for internally developed applicationsLead WAF deployment and optimization to protect business-critical web applicationsImplement security best practices and policy enforcement across multi-cloud environments Governance, Risk & Compliance (GRC)Drive cybersecurity-related compliance programs (e.g., SOC 2 Type 2, ISO 27001)Lead cross-functional GRC initiatives and support internal/external auditsManage security risk assessments and recommend mitigation strategies Documentation & CollaborationMaintain detailed documentation for security controls, policies, systems, and incidentsPlan and conduct quarterly security awareness sessions to educate staff on emerging cyber threats, security best practices, and the organization's security policiesWork collaboratively with software engineers, network teams, DevOps, and business unitsRequirementsMin requirements: Education: Bachelor's degree in engineering, Computer Science, Information Security or a related field Experience: 7 years in cybersecurity and information security roles 5+ years of hands-on experience in security architecture and threat management Qualifications necessary for the vacancy Proven expertise in: Security architecture for hybrid cloud/on-prem setups Firewalls, WAF, EDR, SIEM, UTM, IPS, Proxy, and DDoS mitigation Network security protocols, subnetting, VPNs, and access control models Set of skills necessary for the vacancy Problem-Solving and Analytical Skills: Ability to diagnose and resolve complex technical issues efficiently Skilled in designing and implementing scalable and secure IT solutions Organizational Skills: Strong ability to manage multiple projects and prioritize tasks effectively Commitment to meeting deadlines and maintaining high-quality standards Communication and Teamwork: Excellent written and verbal communication skills Ability to collaborate effectively with team members and stakeholders Certifications (Desirable): CISSP, CISM, CEH, OSCP, CCSP Cloud security certifications (e.g., AWS Security Specialty, Microsoft SC-100/SC-200) IT governance certifications (e.g., ISO 27001 LA, CISA)