Cyber Security Engineer

About the role

The company is seeking a Cyber Security Engineer to lead end‑to‑end security operations for an oil‑sector client. You will protect critical infrastructure, ensure operational continuity, and safeguard highly sensitive business and technical information.

Key responsibilities

• Monitor SIEM and XDR platforms, analyze logs, investigate alerts, and conduct threat hunting.
• Manage the full incident response lifecycle: detection, containment, eradication, recovery, forensic analysis, and reporting.
• Design, implement and maintain secure network and system infrastructure, including firewalls, VPNs, IDS/IPS, endpoint protection, hardening controls and zero‑trust principles.
• Perform vulnerability scans, risk assessments, penetration testing, remediation follow‑ups and patch management.
• Administer Identity and Access Management controls such as Active Directory, Microsoft Entra ID, MFA, conditional access and least‑privilege enforcement.
• Support Governance, Risk and Compliance activities, audits, policy enforcement and alignment with ISO 27001 and NIST standards.
• Develop cybersecurity strategies, advise management on risks and align initiatives with business objectives.
• Implement data protection controls including DLP, encryption and email security.
• Monitor emerging threats, maintain IOCs and map threats to MITRE ATT&CK.
• Conduct security awareness training and phishing campaigns.

Required profile

• Proven experience in cybersecurity operations and incident response.
• Strong knowledge of security frameworks such as ISO 27001 and NIST.
• Ability to work with critical infrastructure in the oil sector.

Required skills

• SIEM and XDR platforms
• Firewalls, VPN, IDS/IPS, endpoint protection
• Network hardening and zero‑trust architecture
• Vulnerability scanning, penetration testing, patch management
• Active Directory, Microsoft Entra ID, MFA, conditional access
• ISO 27001, NIST compliance
• DLP, encryption, email security
• MITRE ATT&CK framework