Cyber Security Engineer

This role is responsible to define and ensure security requirements are implemented on any IaaS, PaaS or on-prem infrastructure and to identify risks within SaaS platforms that could impact the confidentiality, integrity, and availability of information assets.

Your key activities:

• You will perform security reviews on new and existing applications to ensure that all security requirements are implemented and that each application aligns with the organization’s established security baselines.
• You will support the architecture team with threat model, assess risks, and help implement security controls and/or mitigations to address identified issues.
• You will embed security into all phases of the product lifecycle—from early discovery and threat modeling to design reviews and secure delivery, and ongoing monitoring and testing post-release.

Core responsibilities:

• Perform deep architecture and security reviews on applications (cloud and on-prem) to identify vulnerabilities
• Design applications security requirements, performing threat modelling and managing applications pentests.
• Support decision-making by determining the tradeoffs between security and business requirements
• Lead implementation of strategic security initiatives that improve security across company

Requirements:

• Bachelor’s degree in computer science, Cybersecurity, or a related field (or equivalent experience).
• 5–8+ years of experience in cloud applications, cybersecurity, or related domains.
• Strong experience performing threat modelling and security reviews.
• Possess hands-on experience on whitebox, greybox, and blackbox assessments or oversight applications pen tests focusing on OWASP.
• Strong documentation skills.
• Experience working with various IT Teams and non-IT teams of various disciplines.
• The ability to assimilate complex technical challenges and provide appropriate security advice that delivers the right business outcomes.
• Self-motivated, experience in solving complex problems.
• Strong communication and collaboration skills who feels comfortable working closely with Architecture and Infrastructure teams.
• Ability to learn and apply new technologies quickly and in complex deployments.

Nice to have:

• Relevant certifications: CISSP, CCSP, or equivalent.
• Expert knowledge of zero trust, identity, threat detection, and threat modelling and security practices.