Information Security Engineer III

Makati | Full-time

Job Title: Information Security Engineer III

About the Role

We are seeking a highly skilled Information Security Engineer to lead the development and implementation of robust security controls across our cloud, application, and enterprise environments. This individual will drive secure SDLC practices, lead threat modeling, manage detection and response capabilities, and strengthen security for cloud and Microsoft 365 platforms.

The ideal candidate is a hands-on security expert with a broad technical background, deep problem-solving abilities, and a proactive mindset.

Key Responsibilities:

Application & Cloud Security
  • Lead secure SDLC initiatives by integrating security into design, development, and deployment workflows.
  • Conduct threat modeling for both applications and infrastructure to identify and mitigate risks early in the lifecycle.
  • Secure cloud platforms, including identity controls, configuration hardening, and policy enforcement.
  • Assess and secure financial web applications hosted in AWS through code reviews, penetration testing coordination, and architecture reviews.
Security Platform Operations
  • Operate and optimize key security platforms such as:
      • EDR/XDR solutions
      • DLP solutions across endpoints, cloud, and email
      • Email security solutions
  • Ensure proper tuning, coverage, and integration of security tools with enterprise IT systems and logging pipelines.
Threat & Vulnerability Management
  • Lead and coordinate the identification, triage, and remediation of vulnerabilities across cloud, endpoints, and infrastructure.
  • Support ongoing patch management strategy, vulnerability scanning, and threat intelligence correlation.
Endpoint & Infrastructure Hardening
  • Develop and enforce hardened configurations for endpoints (Windows/Linux), servers, and network appliances.
  • Align baseline configurations with CIS benchmarks and industry best practices.
Detection Engineering
  • Design, implement, and tune detection rules and logic in SIEM/XDR platforms for proactive threat identification.
  • Collaborate with colleagues across teams to improve alert fidelity, reduce false positives, and create meaningful security detections.
Security Monitoring & Response
  • Participate in day-to-day security monitoring using SIEM, EDR/XDR, and other detection platforms to augment the SOC team when required.
  • Assist in configuring and tuning monitoring tools for optimal detection coverage.
  • Collaborate with different teams to investigate security alerts and incidents.
  • Support incident response activities, including triage, containment, and remediation efforts.
  • Contribute to post-incident reviews and continuous improvement of detection and response processes.
Business Continuity & Risk
  • Contribute to BCP/DR planning and implementation with a security-first approach.
  • Collaborate with stakeholders to ensure critical business processes remain secure and resilient.
Qualifications
  • 8+ years of progressive experience in information security roles, preferably with exposure across application, cloud, and infrastructure domains.
  • Bachelor's Degree in Computer Science, Information Technology, Software Engineering, Computer Engineering, Electronics Engineering, or related field.
  • Proven experience in managing and securing cloud platforms.
  • Hands-on experience with security tools including EDR, DLP, email security, vulnerability scanners, and SIEM.
  • Strong knowledge of secure SDLC practices, application security testing, and DevSecOps integration.
  • Experience with identity and access management (IAM), conditional access, and zero trust architecture.
  • Solid background in detection engineering, incident response, and threat modeling methodologies (STRIDE, MITRE ATT&CK, etc.).
  • Familiarity with regulatory and compliance standards (e.g., NIST, ISO 27001, GDPR, SOC 2, PCI-DSS).
  • Excellent communication and collaboration skills; ability to work across technical and non-technical teams.

By applying to this job, you are permitting our organization to use your personal data solely for recruitment purposes. This data may be shared with third-party services to streamline the processing of your application and with our parent company, ETS London, for recruitment assessment and interview purposes.

We are committed to protecting and respecting your privacy. For more information on how we collect, use, store, and protect your personal data, please read our Privacy Notice or contact our Data Protection Officer at [email protected].
