Security Engineer - Endpoint Detection & Response

Responsibilities :

- Security Architecture and Design : Design and implement secure authentication and authorization mechanisms for end-user applications.

- Authentication Protocol Expertise : Implement and manage authentication protocols such as OAuth, SAML, OpenID Connect, and MFA.

- Application Security Testing : Conduct security assessments, penetration testing, and vulnerability scanning of end-user applications.

- Vulnerability Remediation : Identify, analyze, and remediate security vulnerabilities in applications and authentication systems.

- Security Policy Enforcement : Develop and enforce security policies and procedures related to end-user application access and authentication.

- Incident Response : Participate in incident response activities related to security breaches or authentication failures.

- Security Monitoring : Implement and maintain security monitoring tools to detect and respond to security threats.

- Collaboration : Work closely with development, operations, and other security teams to ensure a secure development lifecycle.

- Documentation : Create and maintain security documentation, including security architecture diagrams, policies, and procedures.

- Staying Current : Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices.

- End User Support : Provide support and guidance to end-users regarding security best practices and authentication procedures.

- Automation : Automate security tasks and processes to improve efficiency and reduce manual effort.

- Experience with application security testing tools and techniques (SAST, DAST, penetration testing).

- Knowledge of security frameworks and standards (e.g., OWASP, NIST).

- Experience with security monitoring tools (e.g., SIEM).

- Proficiency in at least one scripting language (e.g., Python, Bash).

- Excellent problem-solving and analytical skills.

- Strong communication and interpersonal skills.

- Relevant security certifications (e.g., CISSP, CEH, Security+) are a plus.

- Experience with cloud security (AWS, Azure, GCP) is a plus.

- Application Security Testing (SAST, DAST, Penetration Testing)

- Vulnerability Management

- Security Monitoring (SIEM)

- Scripting (Python, Bash)

- Cloud Security (AWS, Azure, GCP - Optional)

- Security Architecture

- Incident Response

- Security Policy Development

- Communication and Collaboration