Ensign is hiring!
Key Responsibilities
Design, deploy, configure, and maintain security solutions such as SIEM, SOAR, EDR, NDR, DLP, IAM, firewalls, and cloud security platforms.
Lead and support complex security investigations, incident response, and root cause analysis.
Ensure security solutions are stable, optimised, and aligned with security architecture and best practices.
Perform security tuning, threat detection improvement, and false-positive reduction.
Architecture & Implementation
Support security solution architecture and technical design during deployment (Day One) and post-deployment operations (Day Two).
Review security architecture, identify gaps, and recommend remediation or improvement plans.
Work closely with infrastructure, cloud, application, and network teams to integrate security controls.
Automation & Continuous Improvement
Develop and implement automation, scripts, and workflows to improve operational efficiency and reduce manual effort.
Drive standardisation of security processes, playbooks, and runbooks.
Contribute to service stability, performance improvements, and reduction of recurring incidents.
Advisory & Stakeholder Engagement
Act as a technical advisor to internal stakeholders and clients on security risks, controls, and mitigation strategies.
Support audits, compliance assessments, and security reviews (e.g. ISO 27001, SOC 2, PCI-DSS).
Provide clear technical communication to both technical and non-technical stakeholders.
Leadership & Mentorship
Mentor junior engineers and provide technical guidance and peer reviews.
Contribute to technical knowledge sharing, documentation, and internal capability building.
Support team leads and managers in technical decision-making and solution evaluation.
Education
Bachelor's Degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience).
Experience
Minimum 5-8 years of hands-on experience in cybersecurity engineering or security operations.
Strong experience in at least one major security domain (e.g. SOC, SIEM, Cloud Security, Network Security, Endpoint Security).
Experience working in enterprise, MSSP, or system integrator environments is preferred.
Technical Skills
Strong knowledge of security technologies such as:
SIEM/SOAR (e.g. Splunk, QRadar, Sentinel)
EDR/XDR (e.g. CrowdStrike, Defender, SentinelOne)
Network & perimeter security (Firewalls, IPS/IDS)
Cloud security (AWS, Azure, GCP)
Proficiency in scripting or automation (Python, PowerShell, Bash).
Strong understanding of security frameworks (NIST, MITRE ATT&CK, ISO 27001).
Experience with incident response, threat hunting, and vulnerability management.