<h3>Role Overview</h3><p>An international organisation is seeking a hands‑on <strong>Senior Cybersecurity Engineer</strong> to strengthen and mature its security capabilities across cloud, identity, and operational environments. </p><p>Fully remote (reporting into a hiring manager based in another region).</p><p>This is a pivotal role focused on building <strong>centralised visibility</strong>, improving <strong>detection and response</strong>, and preparing the organisation for a future managed <strong>Security Operations Centre (SOC)</strong> capability.<br>You will work across cloud security, identity, endpoints, and infrastructure, while acting as a key technical partner to an external managed SOC provider. As the security function evolves, this role offers a clear progression path toward <strong>Cybersecurity Architect</strong> or <strong>Security Lead</strong>.</p><h3>Key Responsibilities:</h3><h3>Security Monitoring & Detection</h3><ul><li>Design and implement centralised security monitoring (SIEM or equivalent)</li><li>Prepare environments for successful managed SOC integration</li><li>Improve detection use cases to increase signal quality and reduce noise</li><li>Enhance visibility across cloud, identity, and operational systems</li></ul><h3>Managed SOC Integration</h3><ul><li>Act as the primary technical liaison for the managed SOC provider</li><li>Support SOC onboarding, log ingestion, tuning, and use‑case development</li><li>Validate alerts, incident handling, and reporting outputs</li><li>Continuously refine detection fidelity and response effectiveness</li></ul><h3>Cloud Security</h3><ul><li>Manage and optimise cloud‑based security controls</li><li>Improve web application security, bot protection, and traffic filtering</li><li>Monitor and analyse traffic patterns to identify threats and anomalies</li><li>Strengthen resilience against denial‑of‑service and abuse scenarios</li></ul><h3>Identity & Collaboration Platform Security</h3><ul><li>Enhance 
identity protection and conditional access controls</li><li>Improve email security and anti‑phishing defences</li><li>Strengthen audit logging, monitoring, and investigation workflows</li><li>Support investigations into user activity and account compromise</li></ul><h3>Incident Response & Operational Security</h3><ul><li>Establish internal incident response processes aligned with SOC workflows</li><li>Define runbooks, escalation paths, and operational responsibilities</li><li>Support incident investigations and post‑incident reviews</li></ul><h3>Vulnerability Management & Security Testing</h3><ul><li>Implement vulnerability scanning across infrastructure and endpoints</li><li>Integrate security testing into CI/CD pipelines</li><li>Drive remediation efforts and track risk reduction initiatives</li></ul><h3>Security Engineering & Architecture</h3><ul><li>Improve security controls across cloud, on‑premise, and hybrid environments</li><li>Embed security into both digital and operational technology environments</li><li>Support secure design, architecture reviews, and threat modelling</li></ul><h3>Risk & Compliance</h3><ul><li>Support implementation of controls aligned to recognised frameworks</li><li>Contribute to risk identification, mitigation, and reporting</li><li>Assist with audit readiness and evidence collection</li></ul><h3>Stakeholder Engagement</h3><ul><li>Build strong working relationships with business and technology teams</li><li>Act as a trusted internal security advisor</li><li>Improve awareness of shared security responsibilities across the organisation</li></ul><h3>Experience & Skills</h3><h3>Required</h3><ul><li><strong>5+ years’ experience</strong> in cybersecurity or security engineering</li><li>Hands‑on experience with:<ul><li>SIEM and log management platforms</li><li>Cloud‑based security controls</li><li>Identity and access management</li><li>Endpoint protection</li></ul></li><li>Strong troubleshooting, threat‑hunting, and investigation 
skills</li><li>Experience operating in complex, distributed environments</li><li>Familiarity with security frameworks such as <strong>ISO 27001</strong> or <strong>NIST</strong></li></ul><h3>Preferred</h3><ul><li>Experience working with or integrating managed SOC services</li><li>Prior involvement in log onboarding and detection tuning</li><li>Knowledge of security controls in CI/CD pipelines</li><li>Exposure to regulatory or operational resilience frameworks</li><li>Relevant security or cloud certifications</li></ul><h3>What Success Looks Like (6–12 Months)</h3><ul><li>Centralised security visibility fully established and SOC‑ready</li><li>Managed SOC successfully onboarded and optimised</li><li>High‑quality detection use cases in place with low false‑positive rates</li><li>Significantly improved cloud and identity security posture</li><li>Incident response processes aligned with SOC operations</li><li>Vulnerability management operating effectively</li><li>Clear progress toward audit and resilience readiness</li></ul><p>Originally posted on <a href="https://himalayas.app">Himalayas</a></p>