Infrastructure Security & System Engineering

About Unilabs

Headquartered in Geneva and part of the A.P. Moller Group, Unilabs is a leading European diagnostic services provider, that aspires to be at the heart and start of all effective treatment decisions. 

With operations in 14 countries, Unilabs is positioned as a leading diagnostics company with one of the broadest geographic coverages in Europe. 

Unilabs possesses the most comprehensive portfolio of diagnostic services in Europe, serving: public and private healthcare providers, county councils, the general public, insurance companies, the pharmaceutical industry and Contract Research Organizations. 

About the Role

We are looking for a Senior System Engineer with a strong focus on cybersecurity to lead the protection and resilience of our hybrid IT infrastructure. The ideal candidate will be an experienced professional who can secure and manage on-premises Windows and Linux servers, protect enterprise databases, and oversee the deployment and management of cloud-based security platforms, including Microsoft Defender for Endpoint, Microsoft Sentinel, and Zscaler.

Key Responsibilities:

Infrastructure Security & System Engineering

• Design, implement, and maintain secure system configurations across Windows Server and Linux Server environments.
• Lead the hardening, patching, and continuous monitoring of critical on-prem infrastructure.
• Enforce least-privilege access, auditing, and secure remote access across all systems.

Cloud Security Architecture

• Lead the deployment, configuration, and tuning of:
• Microsoft Defender for Endpoint across servers and endpoints.
• Microsoft Sentinel for threat detection, hunting, and automated response.
• Zscaler solutions (ZIA/ZPA) to secure user and application traffic.
• Integrate on-premise systems with cloud-based security tools for centralized visibility and control.

Database Security Oversight

• Define and enforce security controls across SQL and NoSQL databases (access, encryption, logging).
• Collaborate with DBAs to ensure data-at-rest and in-transit protections are in place and compliant.

Incident Response & Threat Hunting

• Lead investigations into complex security incidents; provide technical guidance during containment, eradication, and recovery phases.
• Perform proactive threat hunting using Sentinel and threat intelligence feeds.
• Conduct root cause analysis and implement long-term mitigation strategies.

Governance, Risk & Compliance

• Develop and maintain security documentation, architecture diagrams, and system baselines.
• Support internal and external audits (ISO 27001, GDPR, etc.) by providing technical evidence and guidance.
• Ensure compliance with security policies, regulatory requirements, and best practices.

Leadership & Mentoring

• Act as a subject matter expert for infrastructure and cloud security topics.
• Mentor junior engineers and contribute to internal training programs.
• Influence enterprise security strategy and participate in technology planning initiatives.

Requirements

• Technical Skills & Experience:
• 5+ years of experience in system engineering or cybersecurity roles.
• Advanced knowledge of:
• Windows Server (Active Directory, GPOs, PowerShell, WSUS)
• Linux systems (Ubuntu, CentOS, systemd, SELinux, SSH, auditing)
• Microsoft Defender for Endpoint, Microsoft Sentinel, Zscaler (ZIA/ZPA)
• Security architecture for on-prem and hybrid cloud environments
• Strong understanding of:
• TCP/IP networking, firewalls, VPNs, proxy solutions
• Security Information and Event Management (SIEM)
• Endpoint Detection and Response (EDR)
• Vulnerability management and remediation processes
• Certifications (preferred but not required):
• Microsoft Certified: Cybersecurity Architect Expert / Azure Security Engineer (AZ-500)
• Zscaler Certified Cloud Professional (ZCCP)
• CompTIA Security+, CySA+, or CASP+
• Red Hat Certified Engineer (RHCE) or Linux+
• (ISC)² CISSP or equivalent advanced certifications
• Soft Skills:
• Strategic thinker with strong analytical skills and attention to detail.
• Clear and confident communicator with both technical and non-technical stakeholders.
• Strong leadership, time management, and decision-making capabilities.