Security engineer (tenable | qualys | siem )

JOB DESCRIPTIONSecurity EngineerPalo Alto | Crowd Strike | Qualys | Cyber Ark1. JOB OVERVIEWJob Title:Vulnerability Management EngineerDepartment:Information SecurityFunction:Cybersecurity Reports To:Head of Information Security2. JOB SUMMARYThe Security Engineer is responsible for identifying, assessing, prioritizing, and remediating security vulnerabilities across the organization's infrastructure. The role operates enterprise-grade vulnerability management platforms (Tenable and Qualys), integrates with SIEM solutions such as Splunk, and works closely with SOC, IT Infrastructure, and risk teams to maintain a strong security posture.3. TASKS & RESPONSIBILITIESVulnerability ManagementDesign, deploy, and manage enterprise vulnerability scanning programmes using Tenable (Nessus / Tenable.io / Tenable.sc) and Qualys (VMDR / Cloud Agent).Perform regular authenticated and unauthenticated vulnerability assessments across on-premises, cloud (GCP, AWS, Azure), and hybrid environments.Prioritise vulnerabilities using CVSS scoring, threat intelligence feeds, and business‑criticality context.Track remediation progress, produce trend reports, and present findings to technical and non‑technical stakeholders.SIEM & Security MonitoringIntegrate vulnerability scan data into Splunk (or equivalent SIEM) for correlated alerting and dashboarding.Monitor and analyse security logs, events, and alerts to detect indicators of compromise and respond in a timely manner.Build and maintain SIEM use‑case content (correlation rules, dashboards, and reports) aligned to MITRE ATT&CK.Security OperationsDesign, implement, and maintain secure systems and networks including firewalls, IDS/IPS, NGAV/XDR/NDR, and deception solutions.Implement and manage IAM and PAM solutions in cooperation with application owners and IT teams.Implement and manage Data Loss Prevention (DLP) and Web Proxy solutions.Conduct security audits and compliance assessments (PCI‑DSS, NIA, and other applicable frameworks).Participate in incident response activities including investigation, containment, and recovery.Collaboration & EnablementCollaborate with cross‑functional teams to embed security requirements into system and network design.Provide technical guidance to IT and network engineering teams on effective security control implementation.Conduct knowledge transfer sessions and produce documentation to upskill internal teams.4. JOB REQUIREMENTSAcademic & Professional QualificationsBachelor's degree in Computer Science, Information Systems, Engineering, or equivalent.Relevant security certifications: CISSP, CISM, CEH, or equivalent.ITIL v3 Foundation (desirable).Experience3–4 years of hands‑on experience in information security or a similar field.Minimum 2 years of direct, hands‑on experience with Tenable AND/OR Qualys vulnerability management platforms.Experience with SIEM platforms — Splunk strongly preferred; Azure Sentinel or QRadar considered.Technical Skills — Must HaveProficiency in vulnerability management tools: Tenable (Nessus / Tenable.io / Tenable.sc) and/or Qualys (VMDR).Experience with SIEM technologies (Splunk preferred) for log analysis, correlation, and dashboarding.Hands‑on experience with endpoint security tools: NGAV, XDR, NDR, and deception solutions.Technical experience with firewalls, IDS/IPS, IAM/PAM, DLP, and Web Proxy solutions.Strong understanding of networking: TCP/IP, VLANs, VPNs, routing/switching.Familiarity with compliance frameworks: PCI‑DSS, NIA, and industry security best practices.Soft SkillsStrong analytical thinking and structured, documentation‑driven mindset.Excellent communication skills — ability to convey complex security concepts to non‑technical audiences.Ability to work independently, manage multiple priorities, and meet deadlines.5. COMMUNICATIONS & WORKING RELATIONSHIPSInternal:SOC (Tier 1, 2, 3 Analysts), IT Infrastructure & Network Engineering, Information Governance & Risk, Service Design & Service OperationsExternal:Clients, Technology Vendors (Tenable, Qualys, Splunk), Security Partners & MSSPs6. HEALTH, SECURITY, SAFETY AND ENVIRONMENTEnsure compliance with all relevant health, security, safety and environmental management policies, procedures and controls within own area, monitoring, reviewing, and evaluating on a continuous basis to guarantee employee safety, legislative compliance, delivery of high‑quality service, and a responsible environmental attitude.