Senior Security Engineer

About the role

We are seeking a Senior Security Engineer to support the security accreditation of CMRE systems and applications throughout their lifecycle. The role involves designing, implementing and operating security controls in a complex, multi‑national environment while advising project teams on cost‑effective risk mitigation.

Key responsibilities

• Provide professional contributions to achieve and maintain security accreditation for CMRE systems, data acquisition, processing and storage.
• Advise project teams on cost‑effective countermeasures to minimise security risks during development and operation phases.
• Implement and operate prescribed security controls under the supervision of the CIS Provider and Security Staff.
• Document architecture, procedures and standard operating procedures related to security controls.
• Support security incident management and risk assessment activities.

Required profile

• Bachelor’s degree in Computer Engineering, Computer Science or a related discipline from a recognised university.
• 3‑5 years of experience in security engineering, including supervision of technical teams or security projects.
• Fluent English (SLP 3333).
• Desirable: Master’s degree, experience with NATO or national security accreditation processes, and relevant security certifications (e.g., CISSP, CRISC, CISM).

Required skills

• Knowledge of security frameworks such as ISO 27000 and NIST SP‑800 series.
• Experience with anti‑virus, content filtering, firewalls, authentication systems, vulnerability management, IDS/IPS, DLP and SIEM platforms.
• Web application security expertise (OWASP Top 10, secure SDLC, API security).
• Implementation of security controls in Databricks on Microsoft Azure (Unity Catalog, workspace security, cluster policies, secret scopes, VNet injection, private endpoints).
• Penetration testing and security assessment experience.
• Container security and orchestration knowledge.
• Cisco network design and management.
• Configuration and management of monitoring tools such as Splunk or SolarWinds.
• Security incident management, NATO security policies and security risk management.