Alternate Job Titles

Information Security Engineer, Cyber Security Engineer, Security Systems Engineer, IT Security Engineer, Protection Engineer

Job Level

Specialist

Functional Group

Software and Systems

Job Family

IT Security

Job Description

The Security Engineer is responsible to:

  • Design, develop and implement secure system architectures.
  • Develop system security criteria.
  • Describe the baseline security system design.
  • Conduct security threat and vulnerability studies.
  • Embed security principles into the design of system architectures to mitigate the risks posed by new technologies and business practices.
  • Design artefacts, spanning design, development and implementation, into enterprise systems that describe security principles and how they relate to the overall enterprise system architecture.
  • Perform routine activities related to the periodic review and audit activities of infrastructure security systems and maintains documentation of security standards and procedure.

Critical Work Function

Development of Architecture Requirements and Oversight Maintenance

  • Design security controls and systems in alignment with security guidelines.
  • Analyse and validate the system security baseline.
  • Assist in the testing and evaluation of new security technologies and controls.
  • Recommend security products, services and procedures to enhance system architecture designs.
  • Document the design, operation, use, and expected outputs of new systems.
  • Conduct research on modern security software architectures and network architecture design best practices.

Implementation of Security Systems

  • Implement the security system design via production and conduct deployment planning.
  • Prepare preliminary performance specifications for security hardware and software.
  • Implement new enterprise security architecture, technologies and enhancements.
  • Identify techniques to scale up and automate security infrastructure and processes.
  • Resolve issues that arise in implementation of new security systems.
  • Monitor security systems for strengths and weaknesses and propose improvements to address weaknesses.
  • Process identified threats and vulnerabilities through system design modifications and risk management techniques.

Management of Security Systems

  • Address operational and support security concerns through continual risk management via the programme protection process.
  • Determine the acceptable risk level of residual security vulnerabilities.
  • Transform security needs into security guidance to be integrated into the activities of other disciplines.
  • Oversee the maintenance of security systems, platforms and associated software.
  • Develop and implement custom disaster recovery drills and simulation tests on existing systems.
  • Assist in the resolution of identified problems and incidents.
  • Integrate the efforts of all engineering disciplines and specialties into a combined understanding of the trustworthiness of a system.

Entry Requirements

#1

Security Engineer

BDQF Level 6 in Bachelor’s degree Cyber Security, IT Security Management, Information Security, Computer/ System/Network Information Systems, Computer Science, and any related field or

BDQF Level 5 – 4 to 6 years of experience or

BDQF Level 4 with 6 to 8 years of industry relevant experience as a security analyst or similar or related field
experience or possesses relevant portfolio/experience

Skills & Competencies

Technical Skills

Soft Skills

Recommended Technical Training Courses

Certified Ethical Hacker (CEH)

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional (CISSP)

Cisco Certified Network Professional (CCNP) Security

CompTIA Advanced Security Practitioner (CASP+)

CompTia Infrastructure and Cybersecurity Certification

EC-Council Advanced Certification

GIAC Certified Incident Handler (GCIH)

GIAC Security Essentials Certification (GSEC)

Offensive Security Certified Professional (OSCP)

Security+

Systems Security Certified Practitioner (SSCP)

Council of Registered Ethical Security Testers (CREST) Certification

Red Hat Enterprise Linux (RHEL) Administration

CISCO Certified CyberOps

Microsoft Certified Solutions Associate (MCSA): Windows Server Administration