• Design and maintain secure network and infrastructure architecture • Configure and manage firewalls, VPNs, access controls, and network segmentation • Secure servers, cloud resources, containers, and virtual machines • Secure employee workstations and enforce security baselines • Monitor endpoints and infrastructure for suspicious activity • Collect, analyze, and correlate security logs • Detect, investigate, and respond to security incidents • Perform vulnerability analysis, risk assessment, and remediation • Conduct system and network hardening • Develop and deliver internal security trainings and awareness sessions • Manage and maintain security training platforms and learning content • Organize phishing simulations and awareness campaigns • Collaborate with IT, DevOps, Infrastructure, and HR teams • Complete and review clients security questionnaires and security assessment forms to demonstrate the company’s security posture • Participate in security and compliance calls with client information security specialists and stakeholders • Set up and maintain security monitoring and alerting • Investigate anomalies and security incidents • Perform root-cause analysis and post-incident reviews • Improve detection, response, and prevention processes • Plan and deliver security awareness programs • Manage training platforms and user enrollment • Track training completion and effectiveness • Continuously improve training materials based on incidents and risks

• Plan, implement, and sustain ISO 27001 security controls as per the standard. • Oversee and manage information security projects across their lifecycle. • Develop and enforce information security policies, procedures, and processes. • Conduct risk assessments and snap audits for potential security threats. • Coordinate internal and external audits for compliance and certification and manage business continuity plans. • Develop and maintain Business continuity plan and conduct tabletop exercise for BCDR scenarios.

• Develop and implement strategic business plans to grow revenue and market presence through distribution partners. • Manage a portfolio of authorized distributors, fostering strong relationships and ensuring alignment with Johnson Controls’ goals. • Drive adoption of Exacq, Kantech, and Illustra solutions through joint marketing campaigns, training initiatives, and sales enablement programs. • Collaborate with internal teams to ensure operational excellence in channel support, forecasting, and supply chain logistics. • Track and analyze distributor performance metrics to identify growth opportunities and address underperformance. • Conduct regular business reviews with distributors to ensure goal alignment and pipeline visibility. • Support pricing, program, and promotional execution to maximize partner success and competitiveness. • Maintain deep knowledge of competitive landscape and evolving customer needs within the security industry.

Role Description The A.C.Coy has an immediate need for a Security Engineer. Qualified candidates will be responsible for supporting the security and compliance of the company-wide infrastructure, including networks, servers, workstations, and telecommunications systems. - Manage and maintain the organization’s Public Key Infrastructure (PKI) systems, ensuring secure encryption, certificate management, and cryptographic key lifecycle processes are in place and operating effectively. - Implement and oversee encryption solutions to protect data at rest, in transit, and in use across both on-premises and cloud environments, ensuring compliance with industry security standards. - Secure cloud environments (including AWS, Azure, and GCP) by ensuring adherence to internal security policies and industry best practices, and assist in the implementation and management of identity management, access control, and data protection within cloud services. - Collaborate with third-party vendors to securely integrate external systems. - Deploy, manage, and maintain firewalls, including Firewall-as-a-Service (FWaaS), Unified Threat Management (UTM) solutions, and Secure Web Gateways (SWG), to secure network traffic and enforce security policies. - Implement and manage advanced security technologies such as Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and other solutions to strengthen security posture. - Serve as a primary escalation point for security incidents and audits, leading or assisting in the development of mitigation strategies, post-incident reviews, and compliance reviews to ensure ongoing ISO 27001 adherence. - Act as an internal consultant to IT teams and departments, providing subject matter expertise on infrastructure security, cloud environments, and endpoint protection. - Lead reviews of infrastructure security components, recommend improvements, and develop risk mitigation strategies that align with the security posture and industry requirements. - Continuously monitor internal control systems to ensure appropriate access levels and security configurations are maintained across all infrastructure components. - Analyze daily security events and alerts in the context of policies, prioritizing and escalating issues as appropriate to support timely and effective incident response. - Evaluate security policies and procedures to identify improvement opportunities and ensure alignment with standards, industry requirements, and regulatory expectations. - Provide technical support and administration for LAN/WAN, remote access, IDS/IPS, and unified threat management systems, including troubleshooting, analysis, and the testing and deployment of new hardware and security applications. - Deploy and manage policies for antivirus and endpoint detection and response agents in collaboration with system owners to ensure effective endpoint security management. - Manage the availability and security of public domains and DNS records. Qualifications - Bachelor’s degree in Computer Science, Business, Engineering, or a related field; or equivalent work experience is required. - CISSP certification or progress toward CISSP certification is preferred. - Minimum of five years of experience in information systems, including at least one year of systems project management experience. - Proven background in applying advanced IT security concepts and extensive understanding of contemporary hardware and software architectures in a multi-site, mission-critical environment. - Experience with the development and implementation of security policies and procedures, security awareness programs, and participation in IT audits preferred. - Hands-on experience with operating system security, encryption technologies, forensic analysis, penetration testing, and vulnerability/risk assessment.