Associate Security Engineer

Website Hayleys Group

Associate Security Engineer

Company: Hayleys Group

Location: Colombo 10, Sri Lanka (Hybrid)

Job Identification: 2822

Discipline: IT / Digital Transformation

Job Responsibilities

  • Web Security Management: Monitor, secure, and maintain corporate websites built on WordPress, including managing plugins, themes, security updates, and access controls.

  • Cloud & Application Security: Support the security architecture of .NET applications deployed within Microsoft Azure, collaborating closely with developers throughout the development and deployment lifecycles.

  • Vulnerability & Patch Management: Conduct regular vulnerability scans, systematic patching, and critical security updates across all web and cloud infrastructure.

  • Security Tooling & Infrastructure: Configure and manage essential security tools, including Web Application Firewalls (WAF), SSL/TLS certificate lifecycles, and automated backup and disaster recovery processes.

  • Code & Configuration Reviews: Review application code and system configurations for common vulnerabilities (e.g., OWASP Top 10) and recommend appropriate remediation steps.

  • Incident Detection & Response: Actively monitor systems for suspicious activity, investigate potential security alerts, and support incident response and recovery workflows.

  • Identity & Access Management (IAM): Manage user access, authentication protocols, and permission structures across multiple corporate platforms and the Azure environment.

  • Documentation & Compliance: Maintain clear, comprehensive documentation of internal security policies, procedures, and system configurations.

  • Continuous Learning: Stay up-to-date with emerging cyber threats and industry best practices, sharing actionable knowledge with the wider engineering team.

Candidate Profile

  • Experience: 1–2 years of hands-on experience in Cybersecurity, IT Security, Web Security, or Cloud-related engineering roles.

  • Education: A Bachelor’s Degree in Computer Science, Cybersecurity, Information Security, or a related field, and/or relevant industry-recognized certifications.

  • Technical Knowledge: A solid understanding of web security risks, WordPress security hardening, Microsoft Azure, and secure .NET application frameworks.

  • Foundational Skills: Clear understanding of core networking fundamentals, SSL/TLS protocols, firewalls, and access management architectures.

  • Azure Security Services: Familiarity with Azure-native security services, including Microsoft Defender for Cloud, Azure Key Vault, and Network Security Groups (NSGs).

  • Automation & Scripting: Basic scripting or infrastructure automation skills using PowerShell or Bash.

  • Framework Familiarity: Foundational knowledge of information security compliance frameworks such as ISO 27001, GDPR, or Cyber Essentials.

  • Tooling Exposure: Prior exposure to standard vulnerability assessment and penetration testing (VAPT) tools.

  • Core Attributes: Strong problem-solving, analytical, and communication skills, paired with a proactive willingness to learn and adapt.

How to Apply

If you meet the requirements and are ready to advance your career with one of Sri Lanka’s largest diversified conglomerates, please forward your CV.

  • Official Email to Upload CV: careers@hayleys.com * Subject Line: Application for Associate Security Engineer – [Job ID: 2822]

Equal Opportunity Employer: Hayleys is an Equal Opportunity Employer. We are committed to fostering a diverse, inclusive, and merit-based corporate culture

For Apply Job – Click Here

For More Jobs – Click Here

To apply for this job email your details to careers@hayleys.com