Senior Cyber Security Engineer

[Mr. Job]

الصحف المصرية والعربية

We seek a highly skilled, experienced, and self-motivated Senior Cyber Security Engineer. You will play a critical role in fortifying the security posture of Atlan, by implementing cutting-edge security best practices like Policy as Code and Shift Left Security and ensuring compliance with industry standards such as SOC 2, HIPAA, GDPR, and ISO27001.


What you will do?
<li style="">Be the subject matter expert for Information Security matters. Implement and manage security best practices that bolster the security posture of the organization.&#160;<li style="">Identify security gaps, explore and Identify open source or 3rd party solutions that address the security gaps, and prove the ROI for each solution with a strong business use case.<li style="">Partner with GRC engineers in driving cyber security initiatives covering :&#160;Cloud Security, Application Security, Endpoint Security, Data Security, Email Security etc<li style="">inline with frameworks like SOC 2, ISO 27001, GDPR, NIST, and other data privacy and cybersecurity frameworks.<li style="">Partner with GRC engineers in risk assessments and developing relevant policies, procedures, and guidelines for security compliance and support in security audits for various standards and client questionnaires.Vulnerability Management :&#160;
<li style="">Develop internal capabilities to identify vulnerabilities, misconfigurations, and violations of best practices using Vulnerability Assessments, Penetration Testing, Threat Modelling, Security Review /Audits etc.<li style="">Develop and maintain vulnerability management processes and procedures to streamline the identification, reporting, and resolution of security vulnerabilities.<li style="">Manage VAPT partner(s) and collaborate with cross-functional teams to ensure that vulnerabilities are remediated in the defined SLA.<li style="">Create dashboard/reports to communicate the performance of various security initiatives to the entire org such as External VAPT, Secret Scanning, SCA, SAST, DAST, and Internal VAPT.<li style="">Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management.SOC :&#160;
<li style="">Use data/logs collected from a variety of tools (e.g Audit logs, access control logs EDR, identity provider, MDM, SaaS platforms, AWS, GCP, Azure, WAF, Application Logs, etc) to analyze, identify and mitigate potential threats/anomalies.&#160;<li style="">Build response workflows and actions that auto-resolve false positives, enabling engineers to focus on relevant threats.<li style="">Develop and automate security workflows, playbooks, and tools to improve the efficiency and effectiveness of security operations.Policy as a Code:&#160;
<li style="">Drive the implementation of Policy as Code methodologies to automate and enforce security policies throughout the organization.Shift Left Security:&#160;
<li style="">Advocate and identify Shift Left Security practices to embed security into the early stages of the development lifecycle.<li style="">Partner with Cloud Infra and IT team in implementing shift left security practices, such as :<li style="">Embedding security practices in SDLC & Cloud infrastructure.<li style="">Embedding the GRC team approvals/reviews in day-to-day processes to enable better governance.Security Incident Management :&#160;
<li style="">Support security incident response in a cross-functional environment and drive incident resolution for internal and external threats.<li style="">Carry out digital forensics as part of security incident investigation.<li style="">Ensure that engineering teams understand the impact of an incident and derive corrective and preventive actions for themselves.Security Training:&#160;
<li style="">Drive the security mindset across the organization in partnership with the GRC team.<li style="">Create awareness/training content that forces engineering teams to embed a security shift left approach.

What makes you a match
<li style="">5+ years of relevant industry experience in a security engineering or cloud infrastructure security team.<li style="">Strong coding proficiency in Python /Go/ Shell etc.<li style="">Strong technical knowledge of security principles and technologies such as, firewalls, IDS/IPS, DLP, Encryption, SIEM, UEBA, EDR, SOAR, Threat Intelligence, Web Proxy/Content Filtering, Active Directory, and PKI.<li style="">Experience with industry standards and frameworks such as CVE, CVSS, NIST, SANS 25 and OWASP.<li style="">Experience deploying solutions for monitoring of security best practices in cloud resources, CI/CD pipelines and Kubernetes platforms.<li style="">Familiarity with infrastructure as code tools (Terraform, CloudFormation, etc)<li style="">Familiarity with more than one cloud vendor (AWS, GCP, Azure).<li style="">Ability to work alongside a remote team, using a data-driven mindset to propose and own engineering decisions.<li style="">Bachelor’s degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CEH, Security+).<li style="">Proven experience working in a Security Operations Center (SOC) environment with a focus on vulnerability management.<li style="">Excellent analytical and problem-solving skills, with the ability to prioritise and manage multiple tasks in a fast-paced environment.<li style="">Strong attention to detail and a commitment to delivering high-quality results.<li style="">Ability to work both independently and collaboratively as part of a team.





Read More

NB: If You Couldn't Connect To Job Details, Please Replace HTTPS by HTTP In The Adress Bar