We are seeking an experienced and highly skilled Cyber Security Engineer to join our team and play a critical role in protecting our organization's systems and data. The successful candidate will have a strong background in cyber security, with expertise in identifying and mitigating security risks and vulnerabilities. Your knowledge and experience in the field will be invaluable in ensuring the security, privacy, and compliance of our web and mobile applications.
Responsibilities:
- Design, implement, and maintain security measures to protect our organization's systems, networks, and applications from cyber threats and vulnerabilities.
- Conduct regular security audits, vulnerability assessments, and penetration tests to identify potential risks and areas for improvement.
- Develop and implement security policies, procedures, and best practices to ensure compliance with industry standards and regulations.
- Collaborate with cross-functional teams, including frontend developers, backend developers, and DevOps engineers, to ensure security is integrated into all aspects of our software development life cycle.
- Monitor, analyze, and respond to security events, incidents, and breaches, conducting thorough investigations and recommending appropriate remediation measures.
- Stay up-to-date with the latest cyber security trends, tools, and best practices to ensure our organization remains at the forefront of cyber defense.
- Provide training and guidance to team members on security awareness, best practices, and incident response.
- Assist in the development of disaster recovery and business continuity plans.
- Develop and maintain documentation related to security policies, procedures, and incident reports.
- Contribute to the continuous improvement of security processes, tools, and technologies.
Qualifications:
- Bachelor's degree in Computer Science, Engineering, Cyber Security, or a related field; relevant certifications, such as CISSP, CISM, or CEH, are preferred.
- 5+ years of experience in cyber security, with a focus on application and network security.
- Strong knowledge of security principles, technologies, and best practices, including encryption, authentication, and access control.
- Experience with security testing tools and methodologies, such as vulnerability scanners, penetration testing tools, and security information and event management (SIEM) systems.
- Familiarity with security frameworks and standards, such as NIST, ISO, or CIS.
- Knowledge of Microsoft Azure infrastructure and Azure Directory B2C security features is a plus.
- Proficient in scripting languages, such as Python, Bash, or PowerShell.
- Excellent problem-solving, communication, and collaboration skills, with the ability to work effectively in a team-oriented environment.
- Experience in Agile/Scrum development methodologies is preferred.
- A strong understanding of the software development life cycle (SDLC) and the role of security within it.