Cybersecurity Engineer
Indexed description
As a Cybersecurity Engineer, you will play a critical role in protecting our systems, applications, and infrastructure from evolving security threats. You will identify vulnerabilities, conduct penetration testing, and work closely with engineering teams to ensure timely remediation and strengthen overall security posture.
What You’ll Do
- Identify and remediate high-priority security vulnerabilities across web, mobile, infrastructure, cloud, and network environments.
- Conduct penetration testing (static and dynamic) on applications, systems, and services to uncover security weaknesses.
- Perform risk assessments , including impact analysis and providing clear remediation guidelines for developers and business stakeholders.
- Validate security fixes and mitigation efforts to ensure vulnerabilities are effectively resolved.
- Monitor and manage vulnerability remediation progress as part of an ongoing security program.
- Collaborate with development and engineering teams to ensure timely issue resolution.
- Support incident response investigations by providing technical insights and analysis.
- Develop and maintain security guidelines, best practices, and documentation for common vulnerabilities.
- Build and utilize tools, scripts, or exploits to support security testing and red team activities.
- Conduct security research on emerging threats, trends, and technologies.
- Support compliance initiatives such as ISO 27001, PCI DSS, and GDPR.
- Drive improvements in red team processes and security practices , and participate in knowledge-sharing sessions.
- 2–5 years of experience in cybersecurity areas such as application security, cloud security, network security, or security engineering.
- Hands-on experience in penetration testing (web, mobile, or infrastructure).
- Proficiency in programming/scripting languages such as Python, Go, or Ruby for tool development and code review.
- Strong knowledge of operating systems : Linux, FreeBSD, macOS, and Windows.
- Understanding of mobile security (iOS and Android platforms).
- Familiarity with security tools, frameworks, and testing methodologies .
- Knowledge of security standards and compliance frameworks (ISO 27001, PCI DSS, GDPR).
- Strong analytical thinking and ability to communicate risks clearly and effectively .
- Relevant certifications such as Pentest+, OSWP, eMAPT, eWPT, or eJPT are a strong advantage.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search