Qualifications:
Bachelor's or master's degree in Cybersecurity, Computer Science, Information Technology, or a
related field (or equivalent work experience).
Requirements:
* Minimum 8+ years of experience in Cybersecurity Engineer or a similar role with a good hands-on * experience on the list of tech stack as listed in the responsibilities section, * We are looking for someone who is well-versed with security [Pen-testing, Perimeter security, API Security, Threat modeling, Antivirus / Malware detections & protections, App & Infra. Security Practices & Architecture etc.]. * Additionally, if you are certified on any of the technologies, we would love to see you prove it with your detail-oriented problem-solving skillset and knowledge of the products
Roles & Responsibilities:
. Oversee the design, implementation, and management of security infrastructure, ensuring
the confidentiality, integrity, and availability of systems and data.
. Knowledge of TCP/IP, the OSI model, DNS, HTTP, VPN, routing & switching, and load
balancer technologies for virtual and physical networks.
. Hands on experience of threats includes common attack vectors, methodologies, and
payloads/exploits.
. Ability to support, assist in implementing and administrating security solutions, e.g.,
firewalls, proxies, WAFs, DLP, malware detection/EDR, etc.
. Operational experience with security logging, event correlation, and SIEM technologies.
. Operational experience configuring and managing virtual and cloud-based environments.
. Develop and implement incident response plans to address security incidents promptly and
effectively.
. Experience in evaluating and implementing industry leading third party security tools and
software.
. Lead investigations into security breaches, vulnerabilities, and incidents, providing detailed
reports and recommendations.
. Administer and enhance Privileged Access Management solutions, ensuring secure access
controls and monitoring privileged accounts.
. Extensive experience in Perimeter security, API Security, Pen testing, Threat Modeling,
Security Testing and Auditing.
. Must have experience in managing Antivirus / Malware detections & protection solutions.
Experience in managing the AWS security services such as AWS Inspector, AWS Guard duty,
AWS WAF & Shield, Firewall manager etc. Good experience in managing the perimeter
firewall within AWS accounts, involving the implementation and administration of robust
security measures.
Implement and optimize security controls for cloud-based applications and infrastructure.
. Design and maintain secure network architectures, including firewalls, VPNs, and network
segmentation.
. Assess and enhance the security of web and application servers (e.g., Apache, Nginx,
Tomcat) and implement incident response procedures.
. Sound knowledge of OS baselining for vulnerability assessment & patching using industry
best practices and tools, including expertise in Security Information and Event
Management (SIEM) for comprehensive threat detection and response.
. Good to have knowledge of finding and patching the vulnerabilities in Dependencies,
Docker file, Images, K8s Resources
. Expert in handling SAST & DAST tools to uncover vulnerabilities in the code and workout to
remediate it and to design & implement secure software development life cycle solutions
based on various tools.
. Define secure software development life cycle for various projects and teams with proper
software supply chain security standards.
. Define applications security architecture elements and assist with KPIs and KRIs related to
security in applications.
. Work with senior management on defining roadmaps, needs and providing short and midterm forecasting.
. POC of the overall DevSecOps lifecycle to showcase the benefits it brings to an
organization.
. Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10.
. Knowledge of securing APIs & experience in Web & Mobile applications, micro-services,
and common vulnerabilities.
Demonstrate written and verbal communication skills, as well as the ability to work with
multiple teams and stakeholders.
. Familiarity with Jira and Confluence or any similar tools.
. Understanding of NIST and CIS frameworks.
. Understanding of compliance areas including controls for SOC2, ISO, PCIDSS and GDPR, etc
MNCJobsGulf.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.