Roca Alliances is a specialized recruitment firm in the tech sector, connecting top talent with leading global companies. We provide tailored hiring solutions, ensuring the perfect match for each role. Our deep understanding of industry trends allows us to conduct targeted, efficient recruitment. Committed to excellence, we build long-lasting partnerships that drive business success. At Roca Alliances, we help businesses thrive by delivering the right professionals to meet their needs. This time, we are partnering with a global leader in IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT teams, powered by AI. The company has experienced strong double-digit growth over the years and serves a diverse range of industries in over 20 countries, managing more than 15 million endpoints globally. Position Overview: Seasoned Sr. IT Security Engineer orchestrating comprehensive security strategies, implementing robust measures, performing audits, and leading initiatives to fortify systems and mitigate risks against evolving cyber threats. Responsibilities • Analyze and report organizational and system security posture and design architecture and frameworks. • Assess adequate access controls based on principles of least privilege and need-to-know and the effectiveness of security controls. • Assess all the configuration management (change configuration/release management) processes. • Ensure all systems’ security operations and maintenance activities are properly documented and updated as necessary. • Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. • Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. • Mitigate or correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative. • Perform security reviews, identify gaps in security architecture, implement security measures to resolve vulnerabilities, mitigate risks, help develop a security risk management plan, and recommend security changes to systems as needed. • Properly document all systems security implementation, operations, and maintenance activities and update as necessary. • Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. • Verify and update security documentation reflecting the application/system security design features. • Verify minimum security requirements are in place for all applications. Skills • Knowledge of business continuity and disaster recovery continuity of operations plans. • Ability to serve as the primary liaison between the CISO organization, IT, and system owners. • Knowledge of the application firewall concepts and functions (e.g., single point of authentication/audit/policy enforcement, message scanning for malicious content, data loss prevention, SSL security, REST/JSON processing). • Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). • Skill in assessing security controls based on cybersecurity principles and knowledge of how to use network analysis tools to identify vulnerabilities. • Knowledge of the enterprise information technology architectural concepts and patterns (e.g., baselines, validated design, and target architectures.) • Knowledge and working experience in managing Azure, O365, Active Directory, domain resolution, etc. • Experience in Windows server solutions; including OS installation, domain configuration, and AD architecture (GPO, AD schema, certificate-based authentication, PKI, etc.). • Knowledge of information technology security principles and methods (e.g., firewalls, demilitarized zones, encryption, OSI model, etc.) and networking (e.g., TPC, IP, VPN, DHCP, etc.). Communications/Leadership • Excellent communication – oral, written, and interpersonal skills. • Strong analytical and problem-solving skills. • Ability to develop effective and cooperative working relationships across multiple areas. Education/Technology • Bachelor's degree in Computer Science, Management Information Systems, or a related field. • Advanced degree desirable. • CISSP, GIAC, CompTIA Security+ or other security certifications desired. Benefits: Get to work for Real Competitive salary in COP (Colombian Pesos) Continuous Training and mentoring Get to work for an International Company Prepaid Medicine Don’t hesitate, this is your opportunity. Do you meet the requirements? We will be more than glad to have an initial conversation with you. Just apply by fulfilling the application form, so we can promptly schedule an interview.