Cyber Security Engineer

About the Role:

We are seeking a skilled Cyber Security Engineer with expertise in Vulnerability Assessment (VA) and Penetration Testing (PT) to join our growing team. The candidate will be responsible for identifying, assessing, and mitigating security risks across applications, networks, and infrastructure while ensuring compliance with security standards and frameworks.

Key Responsibilities:

Perform Vulnerability Assessments & Penetration Testing (VA/PT) on web applications, APIs, mobile applications, networks, and cloud infrastructure.

Conduct threat modeling, risk assessments, and exploit testing to identify weaknesses.

Generate detailed security assessment reports, including proof-of-concept (POC) and remediation guidance.

Collaborate with development, DevOps, and IT teams to close security gaps.

Implement security best practices in SDLC, CI/CD pipelines, and cloud deployments.

Stay up to date with the latest vulnerabilities, exploits, and security technologies.

Ensure compliance with ISO 27001, NIST, OWASP, GDPR, and other regulatory standards.

Mandatory Technical Skills:

Strong knowledge of VA/PT tools such as Burp Suite, Nessus, Acunetix, Metasploit, Wireshark, Nmap, and Kali Linux.

Proficiency in OWASP Top 10 and SANS CWE 25 vulnerabilities.

Experience with network security testing, firewalls, IDS/IPS, endpoint security, and cloud security (AWS/Azure/GCP).

Knowledge of secure coding practices and common attack vectors (SQLi, XSS, CSRF, SSRF, RCE, etc.).

Familiarity with SIEM, DLP, SOAR, and Threat Intelligence platforms.

Scripting skills (Python, Bash, PowerShell) for automation of security tasks.

Preferred Qualifications:

Certifications such as CEH, OSCP, GPEN, GWAPT, CISSP, or similar.

Hands-on experience in red teaming or bug bounty programs.

Understanding of cloud-native security tools and DevSecOps practices.

Soft Skills:

Strong analytical and problem-solving abilities.

Excellent written and verbal communication skills.

Ability to work independently and in a collaborative team environment.

Education:

Bachelors degree in Computer Science, Information Security, or a related field.

Relevant certifications are highly desirable.