Junior Cyber Security Engineer

The Junior Cybersecurity Engineer plays an essential role within the Cybersecurity Operations & Governance team, supporting the continuous protection and monitoring of the organization’s digital assets. This position focuses on real-time alert monitoring, log analysis, workstation auditing, and assisting with policy enforcement to ensure the company maintains a strong and compliant cybersecurity posture.Working closely with mid and senior cybersecurity engineers, this role is responsible for conducting first-level alert triage, supporting the containment of incidents, and maintaining audit documentation across all systems. The Junior Engineer will develop technical proficiency in key cybersecurity tools and frameworks while contributing directly to the company’s proactive defense operations.Essential SkillsFoundational knowledge of cybersecurity principles, including threats, vulnerabilities, and incident management.Basic understanding of operating systems (Windows, Linux) and networking fundamentals (TCP/IP, firewalls, VPNs).Familiarity with endpoint and network security tools such as SIEM, EDR, and DLP platforms.Strong analytical and problem-solving skills with attention to detail in log review and alert management.Effective communication and collaboration abilities within cross-functional IT and security teams.Eagerness to learn new technologies, tools, and frameworks in a fast-paced environment.ResponsibilitiesMonitoring and Alert ManagementContinuously monitor company-wide user, network, and endpoint activity using security dashboards and alerting systems.Review, categorize, and triage security alerts, escalating incidents to advanced engineers as needed.Identify patterns or anomalies in logs that may indicate unauthorized access or malicious behavior.Support the tuning of alert thresholds and SIEM rules to minimize false positives and improve detection accuracy.Incident Response SupportAssist in incident containment by isolating affected workstations or systems following defined playbooks.Collect and document forensic evidence from endpoints for analysis by senior engineers.Contribute to post-incident reports by detailing alert timelines, affected assets, and remediation steps taken.Maintain strict confidentiality and compliance when handling incident-related data.Audit and ComplianceParticipate in scheduled audits of endpoints, access logs, and user permissions to verify compliance with internal policies.Record audit findings, prepare documentation for reviews, and support evidence collection for regulatory or internal assessments.Support the review and enforcement of least-privilege models across systems and applications.Policy Enforcement and GovernanceApply and enforce established cybersecurity policies related to data protection, endpoint security, and administrative rights.Report policy deviations or security non-conformities to supervisors and assist in corrective actions.Contribute to maintaining and updating internal cybersecurity procedures and documentation.Tool Management and SupportPerform daily health checks and operational reviews of core security toolsAssist in onboarding endpoints and systems into monitoring platforms.Help ensure integration and data flow between EDR, SIEM, and DLP tools function properly.Reporting and DocumentationMaintain accurate records of alerts, incidents, and audit outcomes.Assist in generating weekly summary reports on monitoring activity and policy compliance.Document process improvements, lessons learned, and tool performance observations.Additional ResponsibilitiesAny other responsibility established by the manager related to the employee’s knowledge and areas of responsibility.Key Skills and RequirementsEducation:Bachelor’s degree in Computer Science, Information Technology, or Cybersecurity (or equivalent experience).Experience:1–3 years of experience in IT or cybersecurity-related roles, ideally in a SOC or monitoring environment.Technical Knowledge:Excellent communication skills in English.Basic knowledge of SIEM and monitoring platforms (e.g., Wazuh, Elastic, Splunk).Familiarity with endpoint detection tools (e.g., Trellix, SentinelOne, Defender ATP).Understanding of DLP and email security tools (e.g., FortiMail, Proofpoint).Basic scripting experience (Python, PowerShell, or Bash) is an advantage.Awareness of industry standards and frameworks such as NIST, ISO 27001, and SOC2.Certifications (Preferred):CompTIA Security+, Certified Ethical Hacker (CEH), or equivalent entry-level certification.CompetencesAnalytical ThinkingAttention to DetailAdaptabilityAccountabilityContinuous Learning