Job Openings Security Engineer

About the job Security Engineer

Responsibilities

Involve in Red Team activities:

  • Perform penetration testing of Web and Mobile (iOS, Android, Windows and Mac) applications
  • Own the vulnerability management lifecycle from identification, remediation to reporting
  • Active monitoring and detection of operational security risks in the organization
  • Conduct technical investigations on security incidents and tools
  • Liaise directly with users on security enquiries and concerns during Pre-sales and Support

Conduct engagement with the Blue Team for the following:

  • Work with engineering and DevOps teams to implement security best practices
  • Implement and improve workflows to automate vulnerability detection as part of the software development lifecycle
  • Review risks and patches of software components used in the applications
  • Facilitate threat modelling as part of the software development lifecycle
  • Help in security awareness training
  • Help in implementing the needed controls for different certification bodies such as ISO 27001 and SOC Type 2

Qualifications

  • At least 5 years of experience in application security testing and assessments
  • Solid understanding of cybersecurity principles, standards and protocols such as OWASP Top 10 and SANS Critical Security Controls
  • Experience with application security tools as Burpsuite, OWASP ZAP, Metasploit, Sonarqube (experience with Ghidra or IDA is a plus)
  • Experience with programming languages such as Java, JavaScript, C/C++
  • Experience with scripting languages such as bash or Powershell
  • Experience and knowledge of cloud solutions and architectures such as AWS
  • Experience and knowledge of Security information and event management (SIEM) technologies
  • Good analytical skills
  • Strong sense of ownership
  • Technical and industry certifications such as CISA, CISM, CISSP are a plus

Hiring Condition: Successful completion of background checking will be required as a condition of hire.

Note: This is for a hybrid work setup