Security Engineer

10h10 hours ago

Variosystems AG

Colombo, LK · Full-time · LKR 1,800,000 – LKR 3,500,000

About this role

Variosystems develops and manufactures electronic solutions for industries where reliability is critical, including Medtech & Life Science, Aerospace & Defence, and Industrial & Automation. As a long-term partner to market leaders, the company delivers services from concept through validated global production across a network of more than 2,800 people.

The Security Engineer continuously monitors systems for breaches and suspicious activity while responding swiftly to incidents. The role also enforces cybersecurity policies, manages access controls, and deploys protective technologies such as firewalls, XDR, and encryption tools to safeguard sensitive data.

Work takes place within a supportive, collaborative global environment that values analytical thinking and attention to detail under pressure. Engineers partner with teams across multiple regions to maintain compliance with standards including ISO 27001, NIST, and GDPR.

Team members receive continuous learning opportunities and exposure to cutting-edge security technologies in a company that offers health benefits from day one and an attractive remuneration package.

Requirements

Bachelor’s degree in information security, Computer Science, or a closely related discipline from a recognized university.
4–5 years of experience in IT Security or 3–4 years with relevant professional certifications.
Strong understanding of cybersecurity principles, threat detection tools, and network security.
Proficiency in leading security tools including Palo Alto Networks, XDR, Sophos, Microsoft Defender, and Microsoft Sentinel is mandatory.
Experience with SIEM, IDS/IPS, endpoint protection, and vulnerability management tools is required.
Knowledge of regulatory standards and frameworks like ISO 27001, NIST, or GDPR.
Excellent analytical skills and attention to detail with ability to work under pressure.

Responsibilities

Continuously monitor systems for security breaches, suspicious activities, and vulnerabilities, and respond swiftly to incidents to minimize impact.
Implement and maintain cybersecurity policies, ensure proper user access rights, and enforce secure authentication practices.
Conduct regular security audits and risk assessments to identify weaknesses and recommend actionable improvements.
Deploy, configure, and maintain protective technologies such as firewalls, antivirus software, intrusion detection systems, and encryption tools.
Promote cyber awareness through user education and ensure operations adhere to industry regulations and internal security standards.