CyberSecurity Engineering Specialist

Responsibilities: Design, implement, and enforce secure development practices across the SDLC in collaboration with software engineering teams. Conduct application security assessments, including SAST, DAST, code reviews, and support remediation of identified vulnerabilities. Integrate security controls into CI/CD pipelines and evaluate application security tools such as WAF, RASP, and API‑security platforms. Design, review, and secure REST/SOAP APIs including authentication, authorization, encryption, and access‑control models. Perform penetration testing support, vulnerability scanning, security test analysis, and oversee remediation activities. Assess and improve the security posture of cloud platforms (AWS, Azure), ensuring compliance with industry standards and regulatory requirements. Implement and manage database security controls such as access management, encryption, masking, and hardening across SQL and NoSQL systems. Conduct database vulnerability assessments, monitor for unauthorized access, and manage DAM tools and logging. Lead or support investigations of application and database‑related incidents, including forensic analysis and corrective actions. Develop and maintain incident response playbooks for application and database security scenarios. Ensure adherence to relevant compliance standards (PCI‑DSS, ISO 27001, NDPR) and maintain supporting policies and procedures. Research emerging threats, security technologies, and industry trends, and recommend enhancements to strengthen security posture. Provide training and awareness sessions on secure coding and database security best practices for developers and DBAs. Requirements: Bachelor’s degree in computer science or a technology-related field. Professional certifications such as CISSP, CSSLP, CEH, CISM, DevSecOps, etc. Minimum of 7–10 years’ experience in security engineering with a strong focus on application and database security. Hands‑on experience with application security tools (e.g., Burp Suite, OWASP tools) and database security technologies. Strong proficiency in programming (Python, Java, C#) and database systems (SQL, NoSQL, Oracle, MS SQL). Detailed knowledge and usage of API security, SIEM, antivirus, and IDPS technologies. Solid knowledge of secure SDLC, secure coding, and database security principles.