Job Description

Ensign is hiring !

Key Responsibilities

• Design, deploy, configure, and maintain security solutions such as SIEM, SOAR, EDR, NDR, DLP, IAM, firewalls, and cloud security platforms.

• Lead and support complex security investigations, incident response, and root cause analysis.

• Ensure security solutions are stable, optimised, and aligned with security architecture and best practices.

• Perform security tuning, threat detection improvement, and false-positive reduction.
   

Architecture & Implementation

• Support security solution architecture and technical design during deployment (Day One) and post-deployment operations (Day Two).

• Review security architecture, identify gaps, and recommend remediation or improvement plans.

• Work closely with infrastructure, cloud, application, and network teams to integrate security controls.
   

Automation & Continuous Improvement

• Develop and implement automation, scripts, and workflows to improve operational efficiency and reduce manual effort.

• Drive standardisation of security processes, playbooks, and runbooks.

• Contribute to service stability, performance improvements, and reduction of recurring incidents.
   

Advisory & Stakeholder Engagement

• Act as a technical advisor to internal stakeholders and clients on security risks, controls, and mitigation strategies.

• Support audits, compliance assessments, and security reviews (e.g. ISO 27001, SOC 2, PCI-DSS).

• Provide clear technical communication to both technical and non-technical stakeholders.
   

Leadership & Mentorship

• Mentor junior engineers and provide technical guidance and peer reviews.

• Contribute to technical knowledge sharing, documentation, and internal capability building.

• Support team leads and managers in technical decision-making and solution evaluation.

Education

• Bachelor’s Degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience).

Experience

• Minimum 5–8 years of hands-on experience in cybersecurity engineering or security operations.

• Strong experience in at least one major security domain (e.g. SOC, SIEM, Cloud Security, Network Security, Endpoint Security).

• Experience working in enterprise, MSSP, or system integrator environments is preferred.

Technical Skills

• Strong knowledge of security technologies such as:

  • SIEM/SOAR (e.g. Splunk, QRadar, Sentinel)

  • EDR/XDR (e.g. CrowdStrike, Defender, SentinelOne)

  • Network & perimeter security (Firewalls, IPS/IDS)

  • Cloud security (AWS, Azure, GCP)

• Proficiency in scripting or automation (Python, PowerShell, Bash).

• Strong understanding of security frameworks (NIST, MITRE ATT&CK, ISO 27001).

• Experience with incident response, threat hunting, and vulnerability management.

Job Requirements