Job
Description
. Key Responsibilities: Design, develop, and maintain secure applications and systems using C/C++ in a Linux environment. Create and maintain shell scripts for automating security tasks and improving operational efficiency. Conduct security assessments, penetration tests, and vulnerability analysis for various applications and systems. Perform threat modeling and risk analysis for software and hardware systems. Identify, analyze, and resolve security vulnerabilities and weaknesses in code, configurations, and infrastructure. Collaborate with cross-functional teams to integrate security controls and mechanisms into the software development lifecycle. Monitor, analyze, and respond to security incidents and breaches. Keep up with the latest trends, threats, and vulnerabilities in the cybersecurity landscape. Contribute to the development of internal security tools, utilities, and frameworks. Provide guidance and mentorship to junior engineers on secure coding practices and threat mitigation. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience). Strong proficiency in C or C++ programming languages. Solid experience with Linux operating systems (e.g., Ubuntu, CentOS, Debian, etc.) and Linux-based security tools. Expertise in shell scripting (Bash, Python, Perl, etc.) to automate tasks and streamline security processes. Familiarity with Linux system internals, file systems, and kernel-level programming. Experience with security tools such as static/dynamic analysis tools, debuggers, and reverse engineering. Strong understanding of security protocols (SSL/TLS, SSH, etc.), encryption, and authentication mechanisms. Practical experience with network protocols (TCP/IP, HTTP, DNS, etc.) and security vulnerabilities. Experience in security testing, penetration testing, vulnerability scanning, and remediation. Familiarity with common security frameworks and standards (OWASP, NIST, etc.). Ability to troubleshoot and resolve complex security issues on Linux systems. Preferred Qualifications: Certifications such as OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), or CISSP (Certified Information Systems Security Professional). Experience with security tools such as Wireshark, Metasploit, Nessus, Burp Suite, or similar. Familiarity with containerization technologies (e.g., Docker, Kubernetes) and securing cloud-based infrastructures. Experience with security research and developing proof-of-concept exploits or patches. Understanding of web application security vulnerabilities (SQL injection, XSS, CSRF, etc.). Knowledge of secure software development life cycle (SDLC) and security testing methodologies. Soft Skills: Strong problem-solving skills with the ability to think critically and analytically. Excellent communication skills to clearly articulate security risks and technical concepts to non-technical stakeholders. Ability to work independently and in collaborative, cross-functional teams. Strong attention to detail and a passion for maintaining a high standard of security.
