Senior Cyber Security Engineer

Surge Global
Full-time | Colombo, Sri Lanka | USD 1,200 - 1,700/month

Surge Global is a digital consultancy that leverages marketing, data, and technology to help businesses grow. As Sri Lanka’s leading digital firm, we employ the best content, creative, design, and engineering talent the country has to offer.

Embracing a culture of transparency and equality in the workplace, we’ve built an environment that helps Sri Lanka’s best marketing and creative talent thrive. Our team approaches complex, multivariate challenges with an open mind and a strong willingness to continuously test, learn, and innovate.

With our headquarters in Colombo, Sri Lanka, we support and scale startups to Fortune 500 companies across the United States, Europe, Australia, the Middle East, Papua New Guinea, Fiji, and Sri Lanka.

Responsibilities:

  • Design, implement, and maintain advanced security architectures across cloud (AWS, Azure, GCP) and on-premise environments.
  • Lead complex security engineering initiatives, including network security, endpoint protection, identity and access management (IAM), and zero-trust implementations.
  • Drive proactive threat detection, threat hunting, and advanced incident response activities, including root cause analysis and forensic investigations.
  • Engineer and optimize security monitoring solutions (SIEM, SOAR), including use case development, alert tuning, and automation of response workflows.
  • Manage and enhance vulnerability management programs, ensuring risk-based prioritization and timely remediation.
  • Conduct deep-dive security assessments, penetration testing coordination, and architecture reviews to identify and mitigate risks.
  • Collaborate closely with DevOps and engineering teams to embed security controls within CI/CD pipelines and promote DevSecOps practices.
  • Develop and enforce security standards, hardening guidelines, and best practices aligned with frameworks such as ISO 27001, NIST, and CIS.
  • Evaluate, implement, and fine-tune security tools and technologies to improve detection, prevention, and response capabilities.
  • Act as a key escalation point for high-severity incidents and provide technical leadership during security events.
  • Support compliance initiatives, audits, and regulatory requirements through technical controls and documentation.
  • Mentor junior engineers and provide technical guidance to improve overall team capability.
  • Continuously monitor emerging threats, vulnerabilities, and industry trends to strengthen the organization’s security posture.

Requirements:

  • Bachelor’s degree in Cyber Security, Information Technology, Computer Science, or a related field.
  • 5–8+ years of hands-on experience in cybersecurity, with a strong focus on security engineering and operations.
  • Proven expertise in cloud security across AWS, Azure, and/or GCP, including secure configurations and architecture design.
  • Strong experience with SIEM/SOAR platforms (e.g., Splunk, QRadar, Sentinel) and log analysis.
  • Hands-on experience with EDR/XDR, firewalls, IDS/IPS, WAFs, and endpoint security solutions.
  • Deep understanding of networking concepts, protocols, and security controls.
  • Strong knowledge of identity and access management (IAM), privileged access management (PAM), and zero-trust principles.
  • Experience with vulnerability management tools such as Nessus, Qualys, or similar platforms.
  • Practical exposure to scripting or automation (Python, PowerShell, Bash) for security operations.
  • Experience integrating security within DevOps environments (CI/CD pipelines, container security, Kubernetes security).
  • Familiarity with security frameworks and standards such as ISO 27001, NIST, and CIS benchmarks.
  • Experience in incident response, threat hunting, and digital forensics.
  • Relevant certifications such as CISSP, CISM, CEH, CCSP, or equivalent are highly preferred.
  • Strong analytical, troubleshooting, and problem-solving skills.
  • Ability to work independently, handle high-pressure situations, and manage multiple priorities.
  • Good communication skills with the ability to explain technical risks to non-technical stakeholders.
