Security Delivery Engineer

💰 $110,000 - $170,000

Security, Engineering, IT, Cybersecurity

🎯 Role Definition

Are you passionate about building and maintaining the digital fortresses that protect critical data and infrastructure? As our new Security Delivery Engineer, you will be the hands-on expert responsible for the end-to-end implementation and operational management of our security solutions. You will work at the intersection of security architecture and IT operations, transforming security designs and policies into fully functional, hardened, and automated controls. This is a crucial role where your technical expertise will directly contribute to our security posture, ensuring our systems are resilient against an ever-evolving threat landscape. You'll collaborate closely with security architects, analysts, and IT teams to deliver and sustain a world-class security ecosystem.


📈 Career Progression

Typical Career Path

Entry Point From:

  • Security Analyst / SOC Analyst
  • Systems Administrator / Engineer
  • Network Engineer

Advancement To:

  • Senior Security Engineer / Lead Security Engineer
  • Security Architect
  • Security Engineering Manager

Lateral Moves:

  • Cloud Security Engineer
  • DevSecOps Engineer

Core Responsibilities

Primary Functions

  • Deploy, configure, and manage a wide range of security technologies, including SIEM, EDR/XDR, IDS/IPS, Network Firewalls, and Web Application Firewalls (WAFs).
  • Implement and maintain security controls and services within multi-cloud environments (AWS, Azure, GCP), ensuring alignment with industry best practices.
  • Develop and execute automation scripts using Python, PowerShell, or Bash to streamline security operations, system deployments, and response actions.
  • Lead the technical implementation of security projects, from initial planning and design validation through to deployment, testing, and operational handover.
  • Harden operating systems (Linux/Windows), network devices, and cloud infrastructure according to security benchmarks like CIS and DISA STIGs.
  • Manage and administer Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions to enforce the principle of least privilege.
  • Conduct regular vulnerability scanning, analyze findings, and collaborate with system owners to prioritize and orchestrate remediation efforts.
  • Integrate diverse security tools and platforms via APIs to create a cohesive and automated security ecosystem that enhances monitoring and response capabilities.
  • Utilize Infrastructure as Code (IaC) tools like Terraform and Ansible to build, deploy, and manage immutable and compliant security infrastructure.
  • Fine-tune and optimize security tool configurations, including alert rules and policies, to enhance detection accuracy and reduce false positives.
  • Onboard new log sources and data feeds into the SIEM platform, developing custom parsers and correlation rules to identify potential threats.
  • Implement and manage Data Loss Prevention (DLP) policies across endpoints, networks, and cloud services to protect sensitive information.
  • Provide deep technical expertise during incident response activities, assisting with containment, eradication, and recovery efforts.
  • Administer and maintain endpoint security platforms (e.g., CrowdStrike, SentinelOne), ensuring full coverage and policy enforcement across all corporate devices.
  • Translate security architecture documents and high-level designs into detailed, low-level implementation plans and technical procedures.
  • Manage the lifecycle of digital certificates and the underlying Public Key Infrastructure (PKI) to ensure secure communication.
  • Configure and maintain email security gateways to protect against phishing, malware, and other email-borne threats.
  • Perform regular health checks and performance tuning on all security systems to ensure reliability, availability, and effectiveness.
  • Create and maintain comprehensive technical documentation, including network diagrams, configuration guides, and operational runbooks for all security solutions.
  • Validate the effectiveness of implemented security controls through rigorous testing, purple teaming exercises, and continuous monitoring.

Secondary Functions

  • Support ad-hoc data requests and exploratory data analysis to investigate potential security anomalies.
  • Contribute to the organization's data strategy and roadmap, particularly regarding security data collection and retention.
  • Collaborate with business units to translate data protection needs into tangible security engineering requirements.
  • Participate in sprint planning and agile ceremonies within the security engineering team to ensure timely delivery of projects.
  • Provide mentorship and technical guidance to junior members of the security team.
  • Stay current with emerging security threats, vulnerabilities, and innovative technologies to proactively enhance the organization's security posture.

Required Skills & Competencies

Hard Skills (Technical)

  • Cloud Security: Deep, hands-on experience with security services in AWS (GuardDuty, Security Hub, IAM), Azure (Sentinel, Defender for Cloud), or GCP.
  • Scripting & Automation: Proficiency in at least one scripting language such as Python, PowerShell, or Bash for automating security tasks.
  • SIEM & Log Management: Expertise in deploying and managing SIEM platforms like Splunk, QRadar, or Microsoft Sentinel, including rule creation and data onboarding.
  • Infrastructure as Code (IaC): Practical experience with tools like Terraform, Ansible, or CloudFormation for deploying and managing security infrastructure.
  • Network Security: Strong understanding and configuration experience with next-generation firewalls (Palo Alto, Fortinet), IDS/IPS, WAFs, and network segmentation.
  • Endpoint Security: Experience managing and tuning Endpoint Detection and Response (EDR/XDR) solutions (e.g., CrowdStrike, SentinelOne, Carbon Black).
  • Vulnerability Management: Proficiency with vulnerability scanning tools (Tenable, Qualys, Rapid7) and managing the remediation lifecycle.
  • Identity and Access Management (IAM): Experience with IAM and SSO solutions such as Okta, Azure AD, or Ping Identity.
  • Operating Systems: In-depth knowledge of securing and hardening Linux and Windows Server environments.
  • Container & Kubernetes Security: Familiarity with securing containerized environments using tools like Twistlock, Aqua, or Falco.

Soft Skills

  • Analytical Problem-Solving: Ability to systematically diagnose complex technical issues and develop effective solutions under pressure.
  • Strong Communication: Excellent verbal and written communication skills to articulate technical concepts to both technical and non-technical audiences.
  • Collaboration & Teamwork: A proven ability to work effectively in a team-oriented environment, collaborating with various stakeholders across the organization.
  • Project & Time Management: Strong organizational skills with the ability to manage multiple projects simultaneously and meet deadlines.
  • Attention to Detail: Meticulous approach to configuration, documentation, and testing to ensure accuracy and security integrity.
  • Ownership & Proactivity: A self-starter mentality with a strong sense of ownership and the drive to proactively identify and address security gaps.

Education & Experience

Educational Background

Minimum Education:

  • Bachelor's degree in a relevant field or equivalent industry certifications and demonstrated practical experience.

Preferred Education:

  • Master's Degree in Cybersecurity or a related discipline.

Relevant Fields of Study:

  • Computer Science
  • Information Security / Cybersecurity
  • Information Technology
  • Network Engineering

Experience Requirements

Typical Experience Range:

  • 4-8 years of hands-on experience in a cybersecurity engineering, network security, or systems engineering role with a strong security focus.

Preferred:

  • Professional certifications such as CISSP, GCIH, GSEC, or vendor-specific security certifications (e.g., AWS Certified Security - Specialty, Azure Security Engineer Associate, PCNSE).
  • Demonstrable experience in a large enterprise or cloud-native environment.