Job Description

Ensign is hiring !
The Associate Security Engineer will be responsible for supporting day-to-day security operations, monitoring security alerts, performing incident analysis, and assisting in the maintenance of security infrastructure. This role is ideal for individuals looking to build a strong foundation in cybersecurity operations and technologies within a fast-paced and dynamic environment.
1. Security Monitoring & Incident Handling
Monitor, analyze, and respond to security alerts and incidents using SIEM and other monitoring tools.
Perform initial triage, categorize incidents, and escalate cases according to defined procedures.
Assist in threat hunting and proactive detection of anomalies in the environment.
Document incidents, actions taken, and recommendations for improvement.
2. Security Infrastructure Support
Support the configuration, maintenance, and monitoring of security tools such as firewalls, IDS/IPS, endpoint protection, and vulnerability scanners.
Participate in system patching, updates, and security compliance reviews.
Assist in maintaining up-to-date documentation of security systems and processes.
3. Vulnerability & Threat Management
Assist in vulnerability scanning and reporting, ensuring remediation is tracked and closed.
Stay updated with the latest cybersecurity threats, vulnerabilities, and best practices.
4. Compliance & Reporting
Support internal and external security audits.
Prepare and maintain periodic security reports, dashboards, and metrics.
Ensure security controls align with company policies, regulatory, and customer requirements.
5. Collaboration & Continuous Improvement
Work closely with SOC analysts, IT teams, and engineering teams to enhance the organization's security posture.
Contribute to continuous improvement of processes, playbooks, and response workflows.
Participate in knowledge sharing and training sessions to enhance technical capability.
Education & Experience:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
0-2 years of experience in cybersecurity operations, network security, or system administration (internship or project experience acceptable).
Technical Skills:
Basic understanding of cybersecurity concepts such as firewalls, IDS/IPS, SIEM, endpoint protection, and threat intelligence.
Familiarity with tools such as Splunk, QRadar, or ArcSight (advantageous).
Knowledge of TCP/IP, DNS, routing, switching, and general network troubleshooting.
Exposure to Windows and Linux security fundamentals.
Basic scripting skills (Python, PowerShell, or Bash) will be an added advantage.
Soft Skills:
Strong analytical and problem-solving abilities.
Good written and verbal communication skills.
Team player with high integrity and accountability.
Willingness to work in rotational shifts (if assigned under SOC).

Skills Required