Cyber Security Engineer - Vulnerability Management & Risk Assessment

Overview :

We are seeking a highly skilled Cybersecurity Engineer to protect our organization's digital assets, infrastructure, and sensitive data. The ideal candidate will have hands-on experience with security frameworks, risk management, threat detection, and incident response, along with a deep understanding of modern cybersecurity technologies and best practices.

Key Responsibilities :

Security Architecture & Implementation :

- Design, implement, and maintain robust security solutions across networks, systems, and applications.

- Establish and enforce cybersecurity policies, standards, and procedures in alignment with organizational goals.

- Conduct security assessments and audits to identify vulnerabilities and recommend mitigation strategies.

Threat Monitoring & Incident Response :

- Monitor networks, systems, and applications for security breaches, threats, and anomalies.

- Investigate and respond to security incidents, performing root cause analysis and remediation.

- Develop and maintain incident response plans, playbooks, and disaster recovery strategies.

Vulnerability Management & Risk Assessment :

- Conduct regular vulnerability scans, penetration testing, and risk assessments.

- Identify, prioritize, and remediate security vulnerabilities across systems and applications.

- Collaborate with IT and development teams to implement security controls and patches.

Security Tools & Technology Management :

- Deploy and manage security tools such as SIEM (Splunk, QRadar), firewalls, IDS/IPS, endpoint protection, DLP, and identity management solutions.

- Evaluate emerging cybersecurity technologies and recommend improvements.

Compliance & Governance :

- Ensure adherence to regulatory and industry standards (ISO 27001, NIST, GDPR, HIPAA, PCI-DSS, etc.).

- Maintain documentation for audits, compliance, and risk management.

- Conduct security awareness programs and training for employees.

Collaboration & Reporting :

- Work closely with IT, DevOps, and development teams to integrate security into systems and processes.

- Prepare reports and dashboards on security posture, incidents, and mitigation efforts for stakeholders and leadership.

Required Skills & Qualifications :

- 4- 10 years of experience in cybersecurity, information security, or related roles.

- Strong knowledge of network security, endpoint security, cloud security, application security, and identity management.

- Hands-on experience with firewalls, VPNs, IDS/IPS, SIEM tools, DLP, encryption technologies, and anti-malware solutions.

- Experience in vulnerability assessment, penetration testing, and threat intelligence.

- Strong understanding of security frameworks and standards (NIST, ISO 27001, CIS Controls).

- Proficiency with Linux and Windows administration, networking protocols, and cloud platforms (AWS, Azure, GCP).

- Excellent analytical, problem-solving, and incident response skills.

- Strong communication and collaboration skills, with the ability to explain technical risks to non-technical stakeholders.

Preferred Skills & Certifications :

- Certifications such as CISSP, CEH, CISM, CompTIA Security+, GIAC.

- Experience with DevSecOps practices, secure software development, and CI/CD security integration.

- Knowledge of cloud-native security tools, container security, and serverless architectures.

- Experience in forensics, malware analysis, and advanced threat hunting.

- Familiarity with AI/ML-driven security monitoring and automation.