Job Openings
Security Engineer
About the job Security Engineer
Responsibilities
Involve in Red Team activities:
- Perform penetration testing of Web and Mobile (iOS, Android, Windows and Mac) applications
- Own the vulnerability management lifecycle from identification, remediation to reporting
- Active monitoring and detection of operational security risks in the organization
- Conduct technical investigations on security incidents and tools
- Liaise directly with users on security enquiries and concerns during Pre-sales and Support
Conduct engagement with the Blue Team for the following:
- Work with engineering and DevOps teams to implement security best practices
- Implement and improve workflows to automate vulnerability detection as part of the software development lifecycle
- Review risks and patches of software components used in the applications
- Facilitate threat modelling as part of the software development lifecycle
- Help in security awareness training
- Help in implementing the needed controls for different certification bodies such as ISO 27001 and SOC Type 2
Qualifications
- At least 5 years of experience in application security testing and assessments
- Solid understanding of cybersecurity principles, standards and protocols such as OWASP Top 10 and SANS Critical Security Controls
- Experience with application security tools as Burpsuite, OWASP ZAP, Metasploit, Sonarqube (experience with Ghidra or IDA is a plus)
- Experience with programming languages such as Java, JavaScript, C/C++
- Experience with scripting languages such as bash or Powershell
- Experience and knowledge of cloud solutions and architectures such as AWS
- Experience and knowledge of Security information and event management (SIEM) technologies
- Good analytical skills
- Strong sense of ownership
- Technical and industry certifications such as CISA, CISM, CISSP are a plus
Hiring Condition: Successful completion of background checking will be required as a condition of hire.
Note: This is for a hybrid work setup