Seargin

IT Security Engineer

Poland · Full-time · Mid-Senior

SEARGIN IS HIRING!


As a dynamic multinational tech company operating in 50 countries, we drive innovation and create projects that shape the future and greatly enhance the quality of life. You will find our solutions in the space industry, supporting scientists in the development of cancer drugs, and implementing innovative technological solutions for industrial clients worldwide. These are just some of the areas in which we operate!


About the Role

We are looking for an experienced IT Security Engineer to join as one of the founding members of our security team. This is a unique opportunity to help build our security function from the ground up — defining processes, selecting tools, and shaping our overall security architecture.

You will work closely with the Head of IT Operations, Cybersecurity CoE, and IT teams to implement security controls, improve detection capabilities, and respond to security incidents. The role combines hands-on technical work with strategic input into risk and security design.

You will also be involved in client projects within the infrastructure engineering domain.


Key Responsibilities:

SOC Build-Out

  • Support the design and implementation of the Security Operations Center (SOC), including selection and deployment of SIEM, EDR/XDR, and SOAR platforms
  • Define and document core SOC processes such as alert triage, incident classification, escalation paths, and shift handover procedures
  • Develop and maintain SIEM detection rules, correlation logic, and dashboards
  • Integrate log sources from on-premises and cloud environments (Microsoft 365, Azure/AWS, firewalls, endpoints, Active Directory)


Security Monitoring & Incident Response

  • Monitor security alerts and events in real time, triage incidents, and perform initial investigations
  • Support or lead incident response activities including containment, eradication, recovery, and post-incident analysis
  • Develop and maintain incident response playbooks for key scenarios such as ransomware, phishing, BEC, insider threats, and data exfiltration
  • Conduct root-cause analysis and prepare clear, actionable reports for both technical and business stakeholders


Vulnerability & Risk Management

  • Perform regular vulnerability scans and prioritize findings based on CVSS and business impact
  • Track remediation efforts and ensure timely resolution of security issues
  • Conduct security reviews for infrastructure changes, new systems, and third-party integrations
  • Support penetration testing and red/purple team activities


Security Engineering & Hardening

  • Design and implement security controls including IAM, PAM, MFA, network segmentation, and email security (DMARC/DKIM/SPF)
  • Harden systems, cloud workloads, and network devices following CIS Benchmarks or equivalent standards
  • Evaluate and onboard security tools, manage vendors, and support licensing processes


Compliance & Reporting

  • Support compliance initiatives such as NIS2, ISO 27001, and GDPR
  • Prepare KPI/KRI reports for the CISO (including MTTD, MTTR, vulnerability status, and incident trends)
  • Maintain up-to-date security documentation (architecture diagrams, runbooks, risk registers)


Requirements

Must Have

  • 3+ years of hands-on experience in IT security, security operations, or a closely related role
  • Practical experience with SIEM platforms (e.g. Microsoft Sentinel, Splunk, QRadar, Elastic)
  • Solid understanding of the MITRE ATT&CK framework and its application in detection engineering
  • Experience with EDR/XDR solutions (e.g. Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne)
  • Strong skills in log analysis, threat hunting, and network traffic inspection (TCP/IP, DNS, HTTP, TLS)
  • Hands-on experience with Windows and Linux security, Active Directory / Entra ID, and common attack techniques
  • Experience with cloud security in Azure or AWS (IAM, security groups, logging, CSPM fundamentals)
  • Ability to write scripts for automation and investigation (Python, PowerShell, KQL or SPL)
  • Strong written and spoken English, with the ability to present findings to non-technical stakeholders


Nice to Have

  • Experience building or contributing to a SOC from early-stage setup
  • Familiarity with SOAR platforms and security workflow automation (e.g. Palo Alto XSOAR, Splunk SOAR, Shuffle, n8n)
  • Knowledge of threat intelligence platforms (e.g. MISP, OpenCTI) and IOC management
  • Experience in OT/ICS or industrial security environments
  • Security certifications such as SC-200, CEH, CompTIA CySA+, BTL1, GCIA, GCIH, OSCP or equivalent


Discover the Power of IT Excellence. Apply!

To learn more about Seargin, please visit our web page: www.seargin.com

Posted: May 20, 2026
Type: Full-time
Level: Mid-Senior
Location: Gdansk Metropolitan Area
Company: Seargin
Industries: IT Services, IT Consulting
Categories: Information Technology
