Cyber Security Engineer

Job SummaryWe are seeking a motivated and skilled Cybersecurity Engineer with around 5 years of experience to strengthen the security of our cloud and on-premise environments. The role involves working across incident response, digital forensics, IAM/PAM, vulnerability management, SIEM, endpoint protection, and compliance. You will collaborate with IT, DevOps, Compliance, and Risk teams to implement and maintain security best practices across Azure, AWS, and hybrid infrastructures.Job Description

Company Description

IGI - International General Insurance Co. Ltd. is a leading international specialist commercial insurer and reinsurer with a global portfolio of Energy, Property, Construction & Engineering, Ports & Terminals, Marine, Financial Institutions, General Aviation, Professional Indemnity, Casualty, Directors' and Officers', Legal Expenses, Political Violence, Contingency and Treaty Reinsurance. Registered in Bermuda as a limited liability company, with operational headquarters in Amman, Jordan and offices in London, Malta, Bermuda, Norway, Dubai, Kuala Lumpur and Casablanca, we aim to deliver outstanding levels of service to our clients and brokers. Our ratings reflect the financial strength of our business: "A" (Stable) from AM Best; "A-" (Stable) from S&P. In 2024, we had net earnings of $135.2 million. Our holding company has assets in excess of $2,037.6 million, as of 31 December 2024.

Key Responsibilities

Incident Response & Forensics

• Assist in incident response, investigation, and recovery across cloud and on-prem systems.

• Monitor and analyze security events using SIEM platforms (e.g., Microsoft Sentinel, Splunk).

• Document findings and participate in post-incident reviews.

• Gain hands-on exposure to forensic tools (FTK, Autopsy, Velociraptor) under senior guidance.

Threat Hunting & Intelligence

• Conduct proactive threat hunting using SIEM and EDR data (Microsoft Sentinel, Defender).

• Leverage threat intelligence feeds to detect IOCs and emerging attack techniques.

• Apply frameworks like MITRE ATT&CK to strengthen detection rules and hunt playbooks.

• Support SOC teams in improving detection and alerting capabilities.

Network & Endpoint Security

• Support deployment and management of firewalls, IDS/IPS, VPNs, and Zero Trust models (Fortinet, Palo Alto, Cisco).

• Implement and maintain endpoint protection solutions (Defender for Endpoint, CrowdStrike, SentinelOne).

• Enforce secure remote access, segmentation, and privileged network controls.

Identity & Access Management

• Manage IAM solutions (Azure AD, SailPoint, Okta).

• Support PAM platforms (CyberArk, BeyondTrust, Microsoft PIM).

• Configure and enforce MFA, SSO, RBAC, and Conditional Access Policies.

Vulnerability & Risk Management

• Conduct regular vulnerability assessments and coordinate remediation.

• Operate tools such as Qualys, Nessus, or Outpost24 to track and reduce exposure.

• Assist with third-party/vendor risk assessments.

Compliance & Governance

• Contribute to internal security audits, control testing, and compliance initiatives.

• Hands-on experience with at least two major compliance frameworks, such as:

• ISO 27001 & ISO information security management)

• GDPR (data privacy)

• SOX (financial data security)

• NIST CSF & RMF (risk assessment)

• SOC 2 (security auditing)

• DORA (financial sector resilience)

• CIS Controls & Benchmarks (system hardening)

• Cloud Security Alliance (CSA) CCM (cloud compliance)

• Support rollout of security awareness and training initiatives.

• Assist in maintaining documentation and governance frameworks.

Data Protection

• Support implementation of DLP and data classification solutions (Microsoft Purview, McAfee DLP).

• Apply encryption and secure backup practices to safeguard sensitive data.

• Contribute to disaster recovery (DR) and business continuity (BCP) activities.

Key Attributes & Qualifications

Technical Skills & Experience

• Bachelor's degree in Computer Science, Cybersecurity, or related field.

• ~5 years of hands-on experience in cybersecurity, covering incident response, SIEM, vulnerability management, IAM/PAM, and endpoint security.

• Exposure to two or more compliance frameworks (e.g., ISO 27001, GDPR, PCI-DSS, SOX, NIST).

• Familiarity with Zero Trust concepts, cloud security best practices, and security automation.

• Experience across hybrid environments (Azure, AWS, VMware, Hyper-V).

Preferred Certifications

• CompTIA Security+ or CySA+

• CEH or equivalent ethical hacking certification

• CISA or ISO 27001 Lead Implementer (advantageous)

Tools & Technologies Exposure

• Cloud & SIEM: Azure Security Center, Microsoft Defender, Sentinel, Splunk

• Endpoint & Network Security: Cisco Firepower, Fortinet, Palo Alto, Defender for Endpoint, CrowdStrike

• IAM/PAM: Azure AD, Okta, SailPoint, CyberArk, BeyondTrust

• Vulnerability Tools: Qualys, Nessus, Rapid7

• Automation (basic exposure preferred): Terraform, Ansible, Azure DevOp

---