Security Engineer

Defence in depth is a security strategy that uses multiple, independent layers of security controls so that if one layer fails, others are still in place to prevent or detect an attack. No single control is treated as a silver bullet — the assumption is that any individual control can be bypassed or fail. The concept comes from military strategy: create multiple lines of defence so attackers must overcome each one independently. Layers of defence in depth: • Physical — Access controls, CCTV, biometric locks protecting hardware. • Network — Firewalls, IDS/IPS, network segmentation, VLANs, DMZ, zero trust networking. • Endpoint — EDR/AV, host-based firewalls, disk encryption, application whitelisting. • Application — Secure coding practices, input validation, WAF, authentication/authorisation. • Data — Encryption at rest and in transit, DLP (Data Loss Prevention), data classification. • Identity — MFA, PAM (Privileged Access Management), least privilege, SSO with strong authentication. • Monitoring — SIEM, SOAR, log management, threat intelligence feeds. • Processes — Security policies, incident response plans, employee training, vulnerability management. Real-world example: An attacker phishes an employee and gets their password. MFA (identity layer) blocks the login. If MFA is bypassed, EDR (endpoint layer) detects malicious tooling. If that is bypassed, SIEM (monitoring layer) detects anomalous behaviour. Network segmentation (network layer) limits lateral movement. Defence in depth ensures a single point of failure never leads to total compromise.