Cyber Security Engineer - Croatia

Role Overview An international organisation is seeking a hands on Senior Cybersecurity Engineer to strengthen and mature its security capabilities across cloud, identity, and operational environments. Fully remote (reporting into a hiring manager based in another region). This is a pivotal role focused on building centralised visibility, improving detection and response, and preparing the organisation for a future managed Security Operations Centre (SOC) capability. You will work across cloud security, identity, endpoints, and infrastructure, while acting as a key technical partner to an external managed SOC provider. As the security function evolves, this role offers a clear progression path toward Cybersecurity Architect or Security Lead. Key Responsibilities: Security Monitoring & Detection • Design and implement centralised security monitoring (SIEM or equivalent) • Prepare environments for successful managed SOC integration • Improve detection use cases to increase signal quality and reduce noise • Enhance visibility across cloud, identity, and operational systems Managed SOC Integration • Act as the primary technical liaison for the managed SOC provider • Support SOC onboarding, log ingestion, tuning, and use case development • Validate alerts, incident handling, and reporting outputs • Continuously refine detection fidelity and response effectiveness Cloud Security • Manage and optimise cloud based security controls • Improve web application security, bot protection, and traffic filtering • Monitor and analyse traffic patterns to identify threats and anomalies • Strengthen resilience against denial of service and abuse scenarios Identity & Collaboration Platform Security • Enhance identity protection and conditional access controls • Improve email security and anti phishing defences • Strengthen audit logging, monitoring, and investigation workflows • Support investigations into user activity and account compromise Incident Response & Operational Security • Establish internal incident response processes aligned with SOC workflows • Define runbooks, escalation paths, and operational responsibilities • Support incident investigations and post incident reviews Vulnerability Management & Security Testing • Implement vulnerability scanning across infrastructure and endpoints • Integrate security testing into CI/CD pipelines • Drive remediation efforts and track risk reduction initiatives Security Engineering & Architecture • Improve security controls across cloud, on premise, and hybrid environments • Embed security into both digital and operational technology environments • Support secure design, architecture reviews, and threat modelling Risk & Compliance • Support implementation of controls aligned to recognised frameworks • Contribute to risk identification, mitigation, and reporting • Assist with audit readiness and evidence collection Stakeholder Engagement • Build strong working relationships with business and technology teams • Act as a trusted internal security advisor • Improve awareness of shared security responsibilities across the organisation Experience & Skills Required • 5+ years experience in cybersecurity or security engineering • Hands on experience with: • SIEM and log management platforms • Cloud based security controls • Identity and access management • Endpoint protection • Strong troubleshooting, threat hunting, and investigation skills • Experience operating in complex, distributed environments • Familiarity with security frameworks such as ISO 27001 or NIST Preferred • Experience working with or integrating managed SOC services • Prior involvement in log onboarding and detection tuning • Knowledge of security controls in CI/CD pipelines • Exposure to regulatory or operational resilience frameworks • Relevant security or cloud certifications What Success Looks Like (6-12 Months) • Centralised security visibility fully established and SOC ready • Managed SOC successfully onboarded and optimised • High quality detection use cases in place with low false positive rates • Significantly improved cloud and identity security posture • Incident response processes aligned with SOC operations • Vulnerability management operating effectively • Clear progress toward audit and resilience readiness Originally posted on Himalayas