Cybersecurity Engineer/Manager - #1121896

Job Purpose

To lead and implement robust cybersecurity strategies and solutions that safeguard IT infrastructure, applications, and data across cloud and on-premise environments.

Responsibilities

• Serves as the domain expert (SME) on Cybersecurity matters

• Lead and influence multi-disciplinary teams in implementing and operating cyber security controls for cloud and on premise environment; micro-services, containers, applications, operating systems, databases, and networks

• Involve in the project or lead the project related with IT infrastructure & Application security whenever required.

• Support maintenance team in difficult or chronic problems, escalate the issue to vendor, identifying the root cause and preventive measures.

• Support presales team on infrastructure & Application security solutioning in bids

• Provide system architecture design and planning for new IT infrastructure deployments in both hosted and cloud environments

• Work closely with Project Managers/ Application Development Team in planning the implementation tasks

• Perform initial installation and configuration of new IT infrastructure & security deployments in both hosted and cloud environments

• Conduct security design review with customers

• Lead the track in security testing and remediation, conduct Application, Server and Network vulnerability assessment.

• Deliver Application Security Assessment activities with entities and external suppliers/customers.

• Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers

• Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements

• Conduct in-depth assessments on the applications using SAST, DAST, Penetration Testing, Red Teaming Activities to determine application security posture and potential vulnerabilities.

• Develop and implement server security and hardening

• Supports the monitoring and tuning of detection and security automation tools

• Automate security controls, data and processes to provide better metrics and operational support

Experiences & Qualifications

• Minimum Bachelor in Computer Science or IT related studies

• Minimum 8 years’ experience in IT industry with 6 years in network/systems/Application security arena.

• At least 5 years of experience in Vulnerability Assessment, Penetration Testing & Source Code Reviews of Web, Mobile and Thick Client Applications

• Knowledge of networking and IP/TCP protocol

• Experience in Windows and other OS good to have.

• Experience of working and securing Virtualization Technologies

• Experience with firewall technologies and products, including NextGen firewalls and firewall management tools

• Knowledge and experience in scripting or programming languages (ex. Python, Perl, Ruby, PowerShell, C, C#, Java) in order to develop custom scripts or tools.

• In-depth knowledge in network and systems security issues

• Hands-on experience in security-related tasks such as OS tightening, patching and updating, virus scanning will be an added advantage.

• In-depth knowledge on network and systems security issues and ability to offer advisories and troubleshooting support.

• Good communication skills and positive working attitude.

• Relevant certifications such as CISSP/CISA/CISM, CREST, CEH would be advantageous