Senior Cyber Security Engineer

What you will do?

• Be the subject matter expert for Information Security matters. Implement and manage security best practices that bolster the security posture of the organization. 
• Identify security gaps, explore and Identify open source or 3rd party solutions that address the security gaps, and prove the ROI for each solution with a strong business use case.
• Partner with GRC engineers in driving cyber security initiatives covering : Cloud Security, Application Security, Endpoint Security, Data Security, Email Security etc
• inline with frameworks like SOC 2, ISO 27001, GDPR, NIST, and other data privacy and cybersecurity frameworks.
• Partner with GRC engineers in risk assessments and developing relevant policies, procedures, and guidelines for security compliance and support in security audits for various standards and client questionnaires.
Vulnerability Management : 
• Develop internal capabilities to identify vulnerabilities, misconfigurations, and violations of best practices using Vulnerability Assessments, Penetration Testing, Threat Modelling, Security Review /Audits etc.
• Develop and maintain vulnerability management processes and procedures to streamline the identification, reporting, and resolution of security vulnerabilities.
• Manage VAPT partner(s) and collaborate with cross-functional teams to ensure that vulnerabilities are remediated in the defined SLA.
• Create dashboard/reports to communicate the performance of various security initiatives to the entire org such as External VAPT, Secret Scanning, SCA, SAST, DAST, and Internal VAPT.
• Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management.
SOC : 
• Use data/logs collected from a variety of tools (e.g Audit logs, access control logs EDR, identity provider, MDM, SaaS platforms, AWS, GCP, Azure, WAF, Application Logs, etc) to analyze, identify and mitigate potential threats/anomalies. 
• Build response workflows and actions that auto-resolve false positives, enabling engineers to focus on relevant threats.
• Develop and automate security workflows, playbooks, and tools to improve the efficiency and effectiveness of security operations.
Policy as a Code: 
• Drive the implementation of Policy as Code methodologies to automate and enforce security policies throughout the organization.
Shift Left Security: 
• Advocate and identify Shift Left Security practices to embed security into the early stages of the development lifecycle.
• Partner with Cloud Infra and IT team in implementing shift left security practices, such as :
• Embedding security practices in SDLC & Cloud infrastructure.
• Embedding the GRC team approvals/reviews in day-to-day processes to enable better governance.
Security Incident Management : 
• Support security incident response in a cross-functional environment and drive incident resolution for internal and external threats.
• Carry out digital forensics as part of security incident investigation.
• Ensure that engineering teams understand the impact of an incident and derive corrective and preventive actions for themselves.
Security Training: 
• Drive the security mindset across the organization in partnership with the GRC team.
• Create awareness/training content that forces engineering teams to embed a security shift left approach.

What makes you a match

• 5+ years of relevant industry experience in a security engineering or cloud infrastructure security team.
• Strong coding proficiency in Python /Go/ Shell etc.
• Strong technical knowledge of security principles and technologies such as, firewalls, IDS/IPS, DLP, Encryption, SIEM, UEBA, EDR, SOAR, Threat Intelligence, Web Proxy/Content Filtering, Active Directory, and PKI.
• Experience with industry standards and frameworks such as CVE, CVSS, NIST, SANS 25 and OWASP.
• Experience deploying solutions for monitoring of security best practices in cloud resources, CI/CD pipelines and Kubernetes platforms.
• Familiarity with infrastructure as code tools (Terraform, CloudFormation, etc)
• Familiarity with more than one cloud vendor (AWS, GCP, Azure).
• Ability to work alongside a remote team, using a data-driven mindset to propose and own engineering decisions.
• Bachelor’s degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CEH, Security+).
• Proven experience working in a Security Operations Center (SOC) environment with a focus on vulnerability management.
• Excellent analytical and problem-solving skills, with the ability to prioritise and manage multiple tasks in a fast-paced environment.
• Strong attention to detail and a commitment to delivering high-quality results.
• Ability to work both independently and collaboratively as part of a team.