ICT Security Engineer

. Perform scheduled and ad-hoc vulnerability scans using VMS

. Validate remediation of vulnerabilities identified by VMS

. Analyze scan results, validate findings, and eliminate false positives

. Prioritize vulnerabilities based on CVSS scores and organizational risk context

. Coordinate with system owners to validate fixes, perform rescans, and ensure closure within SLA timelines

. Track remediation progress and generate regular vulnerability reports

. Track compliance with patching SLAs

. Perform host configuration reviews(e.g., CIS benchmarks)

. Maintain and update scan policies, plugins, and configurations

. Monitor security events and logs using Splunk

. Develop and fine-tune search queries, dashboards, and alerts

. Perform log reviews to identify anomalies, suspicious patterns, and threats

. Correlate logs across multiple sources (servers, firewalls, endpoints, applications)

. Investigate alerts and escalate confirmed incidents

. Prepare audit artifacts such as vulnerability reports, log review records

. Maintain SOPs for vulnerability scanning and log monitoring processes

. Assist in system hardening and patch validation after vulnerability remediation

. Assist in improving security controls and system hardening

. Stay updated on emerging vulnerabilities and threat intelligence

. Hands-on experience with Nessus (scan configuration, report analysis)

. Understanding of vulnerability scoring (CVSS), patching, and risk prioritization

. Familiarity with log sources: Windows Event Logs, Linux sys logs, firewall logs, application logs

. Conduct periodic reviews of privileged and administrative accounts across systems and applications

. Investigate suspicious activities such as privilege escalation or abnormal admin actions

. Ensure compliance with security policies and standards for privileged access

. Provide security recommendations and guidance to technical teams during system changes or deployments

. Support audit and compliance activities by liaising with stakeholders to gather required evidence

. Ability to follow structured processes and compliance requirements

. Good communication skills for working with system owners and auditors
Regret to inform you that only shortlisted candidates will be notified.

CEI: R1988671

EA License: 14C7275