Senior Cybersecurity Engineer

Responsibilities

• Oversee and implement secure, scalable, and highly available cybersecurity solutions across diverse platforms, with a primary focus on cloud-based environments.
• Architect, deploy, and maintain security infrastructure components, including Intrusion Detection/Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) platforms, Endpoint Detection and Response (EDR) solutions, and Web Application Firewalls (WAFs).
• Collaborate with development and engineering teams to integrate security into the software development lifecycle through activities such as code reviews, threat modeling, and vulnerability assessments.
• Develop and maintain CI/CD pipelines with a strong emphasis on security checks, tests, and analysis of code and dependencies.
• Manage advanced security tools (e.g., SAST, DAST, IAST) and endpoint protection solutions to proactively detect, monitor, and respond to threats and security incidents.
• Conduct risk assessments, threat analyses, and forensic investigations, addressing vulnerabilities and responding to security incidents in a timely and effective manner.
• Contribute to the development, maintenance, and execution of incident response plans, ensuring readiness for potential security events.
• Stay current with emerging technologies and industry trends, offering expert guidance on best practices to enhance the organization’s security posture.

Requirements

• 5+ years of advanced technical experience in cybersecurity or security engineering roles.
• Comprehensive understanding of cloud security services, including AWS (e.g., IAM, Security Groups, GuardDuty) and GCP (e.g., Cloud Armor, Security Command Center).
• Experience with Cloudflare for DNS, CDN, and WAF services.
• In-depth knowledge of security systems, intrusion detection, encryption technologies, network protocols, and best practices for securing cloud environments.
• Proficiency with security tools such as vulnerability scanners, SIEM, DAST, and intrusion detection systems (e.g., Wazuh, Zeek, Suricata), as well as endpoint protection solutions (e.g., Sentinel One).
• Expertise in vulnerability assessments and incident response processes.
• Familiarity with security standards (e.g., OAuth, OpenID Connect, SSL/TLS) and compliance frameworks (e.g., ISO 27001, NIST 800-61, SANS, SOC 2).
• Proficiency in scripting languages such as Python, PowerShell, or Bash for security automation and tool integration.
• Relevant certifications such as CISSP, OSCP, or CISM are highly preferred.
• Strong problem-solving skills with the ability to respond effectively to security incidents and vulnerabilities.