Senior Security Engineer (Security Governance) - Information Security

Job Description:

• Lead security risk governance projects, identifying vulnerabilities, prioritizing remediation, and implementing robust security controls. This includes leveraging expertise in establishing security maturity standards.
• Conduct deep technical assessments of network architecture, cloud/on-premise infrastructure, and internal systems to proactively mitigate security risks, including internal system penetration testing and proactive threat hunting.
• Integrate security best practices into system design with Engineering, Infrastructure, and DevOps teams, ensuring inherent security across various environments, including network, host, container, application, endpoint, and large language models (LLMs).
• Drive the closure of security risks by analyzing the latest vulnerabilities, news, and regulatory concerns from a risk and compliance standpoint.
• Provide expert emergency response and forensic investigation capabilities during cybersecurity defense operations.

Requirements:

• At least 5 years of defensive security expertise, securing networks, hosts, containers, applications, and endpoints across on-premise and cloud environments
• Over 5 years of end-to-end experience in offensive security, including penetration testing, red teaming, and security assessments of internal systems and products. Skilled in leveraging common hacking tools and real-world attack vectors to identify procedural and technical risks from an attacker’s perspective, supporting red-blue team exercises, forensic investigations, and emergency response.
• Minimum 3 years of hands-on experience developing security products, with strong proficiency in security automation and scripting.
• Bachelor’s degree or higher in Computer Science or a related field
• Solid problem-solving and analytical thinking skills
• Strong communication skills and a collaborative team player