Infrastructure Security Engineer
Praha, CZ
Your responsibilities:
- Participate in Infrastructure Security Engineering projects.
- Design, implement, configure, operate, maintain, and troubleshoot IT security solutions.
- Onboard new assets, ensuring coverage and functional KPIs remain intact while monitoring the health, performance, and lifecycle of the platforms.
- Interconnect and integrate IT security platforms with third-party systems such as ITSM, CMDB, Threat Intelligence, reputation sources, and more.
- Automate and streamline repetitive tasks using scripts, APIs, and workflows.
- Develop and enforce security policies, baseline configurations, and system hardening standards.
- Create and maintain technical documentation, including security architecture diagrams and operational procedures.
- Establish and maintain governance and standards for infrastructure and security tools.
- Ensure adherence to internal policies and compliance frameworks.
- Understand business needs and assist in identifying, gathering, and implementing functional requirements.
- Collaborate with cross-functional teams, vendors, and managed services providers to align security objectives with organizational goals.
- Continuously enhance infrastructure security services to deliver added value for Alpiq.
- Provide ongoing support and training to internal customers.
Your qualifications:
- Degree in a STEM field with 5+ years of professional experience, or 10+ years in the information technology field.
- Strong understanding of IT security platforms, including Endpoint Management/Security, EDR, Vulnerability Management, Antivirus, DLP, CSPM, DAST/SAST, and SIEM.
- Understanding of network, communication, security, and application protocols, with experience in troubleshooting HA setups, communication flows, client-server architectures, application tunnels, proxies, and firewalling, using tools like tcpdump, Wireshark, traceroute, netstat, nmap, Postman, curl, netcat, socat, openssl, gdb, strace, lsof, Sysinternals suite, etc.
- Understanding of system and software dependencies, libraries, and system modules.
- Familiarity with cloud technologies and configurations, including Azure Security (e.g., Entra, Microsoft Defender ecosystem, Sentinel) and AWS services, with expertise in platform server configuration, system hardening, patching, and baseline configuration for Linux (Debian, RHEL, SUSE) and Windows Server environments.
- Familiarity with relational and non-relational databases, query languages like SQL, KQL, GraphQL, and experience with data/log analysis and parsing.
- Hands-on experience with system health and performance monitoring, complex upgrades of security platforms, and appliance maintenance.
- Familiarity with AD, SSO, and RBAC for user and group management.
- Proficiency in scripting, including Bash, PowerShell, and Python, for creating scripts, integrations, and working with APIs and SDKs, with experience in automation tools, ITSM workflows, and CMDB schema for streamlined deployments and operations.
- Ability to align IT operations with regulatory and organizational standards using frameworks like ITIL, CIS, NIST, and GDPR.
- Ability to build labs and testing environments using technologies like apt, yum, snap, npm, conda, pip, git, make, and Docker.
- Experience working in global, heterogeneous environments.
- Experience with creating, maintaining, and managing documentation for system configurations, processes, workflows, compliance standards, and troubleshooting guides.
- Strong attention to detail and sense of ownership.
- Strong organizational and coordination skills, with the ability to multitask and deliver under tight deadlines, a strong delivery focus, and excellent presentation and communication skills, including vendor management.
- Pragmatic, flexible, and motivated to learn new topics, with a service- and customer-oriented mindset and a team-player attitude.
- Self-driven, assertive, and adaptable, with the ability to think outside the box and deliver viable solutions.
- Fluency in English.
Perks/benefits: Flex hours