Security Engineer

Summary

Join Rackspace Cyber Defence as a Security Engineer specializing in Network Security! Based in India, you will play a crucial role in ensuring the security of our strategic customers' environments. This senior-level position requires extensive experience in designing, implementing, and managing cloud-native security platforms across Azure, AWS, and GCP. You will collaborate closely with customer stakeholders, handle critical incidents, and drive continuous improvement through automation and custom development. The ideal candidate possesses strong network security expertise, experience with various security tools, and a proven track record in enterprise or managed security services. This role demands a proactive, self-starting individual with a passion for delivering exceptional customer experiences.

Requirements

• Should have 8+ years experience in Security Engineering
• Experience working in either large, enterprise environments or managed security services environments with a focus on network security
• Experience of working with network security concepts and principles such as firewalls, web application firewalls, IDS/IPS, NDR, micro-segmentation – in both on-premise, cloud-native and hybrid environments
• Experience with network security tools such as Palo Alto and/or Fortinet
• Troubleshoot IPsec tunnel issues on Palo Alto firewalls
• Manage firewall operations using Panorama
• Upgrade devices to the latest firmware and configurations
• Hands-on experience with Azure VMs hosting Palo Alto firewalls
• Solid working knowledge of Azure Storage and overall Azure security practices
• Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls
• Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc
• Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell
• Knowledge of DevOps practices such as CI/CD, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins
• Computer science, engineering, or information technology related degree (although not a strict requirement)
• Holds one, or more, of the following certificates (or equivalent)
• Certified Information Security Systems Professional (CISSP)
• Microsoft Certified: Azure Security Engineer Associate (AZ500)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• CREST Practitioner Intrusion Analyst (CPIA)
• CREST Registered Intrusion Analyst (CRIA)
• CREST Certified Network Intrusion Analyst (CCNIA)
• Systems Security Certified Practitioner (SSCP)
• Certified Cloud Security Professional (CCSP)
• GIAC Certified Incident Handler (GCIH)
• GIAC Security Operations Certified (GSOC)

Responsibilities

• Ensure the Customer’s operational and production environment remains healthy and secure at all the times
• Assist with customer onboarding – customer onboarding, policy configuration, platform configuration and service transition to security operations team(s)
• Advance platform administration, ideally through a DevOps-centric approach
• Critical platform incident handling & closure
• As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process
• As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership
• Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams
• Drive continuous improvement of Rackspace managed security services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s)
• Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc
• Co-ordinate with vendor for issue resolution
• Required to work flexible timings

Preferred Qualifications

• Experience of working in two (or more) of the following additional security domains
• Microsoft-centric, cloud native security tools such as Microsoft Sentinel, Microsoft Defender for Cloud, Azure Active Directory, Azure Key Vault and Azure WAF and Azure Firewall
• GCP (Google Cloud Platform) Security Command Centre
• AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail
• SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc
• Endpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud
• Web Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF
• Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec
• A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail
• A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture
• Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure
• An individual who shows a willingness to go above and beyond in delighting the customer
• A good communicator who can explain security concepts to both technical and non-technical audiences