Cybersecurity Engineer

To lead and implement robust cybersecurity strategies and solutions that safeguard IT infrastructure, applications, and data across cloud and on-premise environments.

• Serves as the domain expert (SME) on Cybersecurity matters
• Lead and influence multi-disciplinary teams in implementing and operating cyber security controls for cloud and on premise environment; micro-services, containers, applications, operating systems, databases, and networks
• Involve in the project or lead the project related with IT infrastructure & Application security whenever required.
• Support maintenance team in difficult or chronic problems, elevate the issue to vendor, identifying the root cause and preventive measures.
• Support presales team on infrastructure & Application security solutioning in bids
• Provide system architecture design and planning for new IT infrastructure deployments in both hosted and cloud environments
• Work closely with Project Managers/ Application Development Team in planning the implementation tasks
• Perform initial installation and configuration of new IT infrastructure & security deployments in both hosted and cloud environments
• Conduct security design review with customers
• Lead the track in security testing and remediation, conduct Application, Server and Network vulnerability assessment.
• Deliver Application Security Assessment activities with entities and external suppliers/customers.
• Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers
• Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements
• Conduct in-depth assessments on the applications using SAST, DAST, Penetration Testing, Red Teaming Activities to determine application security posture and potential vulnerabilities.
• Develop and implement server security and hardening
• Supports the monitoring and tuning of detection and security automation tools
• Automate security controls, data and processes to provide better metrics and operational support

• Minimum Bachelor in Computer Science or IT related studies
• Minimum 8 years’ experience in IT industry with 6 years in network/systems/Application security arena.
• At least 5 years of experience in Vulnerability Assessment, Penetration Testing & Source Code Reviews of Web, Mobile and Thick Client Applications
• Knowledge of networking and IP/TCP protocol
• Experience in Windows and other OS good to have.
• Experience of working and securing Virtualization Technologies
• Experience with firewall technologies and products, including NextGen firewalls and firewall management tools
• Knowledge and experience in scripting or programming languages (ex. Python, Perl, Ruby, PowerShell, C, C#, Java) in order to develop custom scripts or tools.
• In-depth knowledge in network and systems security issues
• Hands-on experience in security-related tasks such as OS tightening, patching and updating, virus scanning will be an added advantage.
• In-depth knowledge on network and systems security issues and ability to offer advisories and troubleshooting support.
• Good communication skills and positive working attitude.
• Relevant certifications such as CISSP/CISA/CISM, CREST, CEH would be advantageous