Cybersecurity Engineer

This role is for one of the Weekday's clients

Cybersecurity Engineer

Requirements

Key Responsibilities

• Security Framework Implementation: Develop, implement, and maintain cybersecurity policies, procedures, and standards in alignment with ISO 27001, ISO 27002, and ISO 13485 requirements.
• Risk Management: Identify, assess, and mitigate security risks across infrastructure, applications, and data. Ensure risk assessments are performed regularly and documented effectively.
• Compliance & Auditing: Support internal and external audits by preparing necessary documentation, evidence, and reports. Ensure continuous compliance with industry regulations and certification requirements.
• Incident Response: Manage and respond to security incidents, conduct root-cause analysis, and implement corrective actions to prevent recurrence.
• Security Awareness: Promote a culture of security awareness by supporting training and providing guidance to teams across the organization.
• Vulnerability Management: Perform regular vulnerability assessments, penetration testing coordination, and remediation follow-ups.
• System Security Integration: Collaborate with IT, product, and engineering teams to integrate secure practices into system design, development, and deployment.
• Monitoring & Reporting: Utilize monitoring tools to detect anomalies, suspicious activity, or policy violations, and provide timely reports to management.
• Documentation: Develop and maintain comprehensive documentation related to policies, risk assessments, incident reports, and compliance evidence.
• Continuous Improvement: Stay updated with evolving cybersecurity threats, emerging technologies, and regulatory updates to recommend proactive measures.
  

Required Skills & Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 3-6 years of proven experience in cybersecurity, with strong exposure to ISO standards (ISO 27001, ISO 27002, ISO 13485).
• Strong knowledge of information security frameworks, regulatory requirements, and best practices.
• Hands-on experience with security tools and technologies such as SIEM, IDS/IPS, firewalls, endpoint protection, vulnerability scanners, and encryption solutions.
• Solid understanding of network protocols, cloud security, access management, and data protection principles.
• Experience conducting risk assessments, gap analysis, and compliance audits.
• Excellent problem-solving skills, analytical thinking, and attention to detail.
• Strong communication and documentation skills to effectively collaborate with cross-functional teams and auditors.
  

Preferred Qualifications

• Relevant cybersecurity certifications such as CISSP, CISM, CISA, ISO 27001 Lead Implementer/Lead Auditor, CEH, or equivalent.
• Experience in regulated industries such as healthcare, medical devices, or pharmaceuticals where ISO 13485 compliance is required.
• Familiarity with GDPR, HIPAA, or other global data protection regulations