Information Security Engineer
Indexed description
Key Responsibilities
Security Design and Architecture:
- Design and implement robust security architectures that encompass network, application, and data security.
- Develop and enforce security policies, standards, and procedures to ensure the protection of information systems.
- Implement secure software development lifecycle (SDLC) practices, including secure coding standards, code reviews, and vulnerability assessments.
- Work closely with development teams to integrate security into the software development process.
- Conduct security testing of applications, including static and dynamic analysis, and penetration testing.
- Identify and address software vulnerabilities and provide guidance on secure coding practices.
- Develop and maintain tools and frameworks for automating security testing and compliance.
- Conduct comprehensive security assessments, including penetration testing, vulnerability scanning, and threat modeling.
- Identify and assess vulnerabilities and security risks, and develop mitigation strategies.
- Collaborate with development and operations teams to prioritize and remediate vulnerabilities.
- Coordinate incident response activities, including detection, containment, eradication, and recovery.
- Perform post-incident analysis to identify root causes and implement preventive measures.
- Implement and manage security monitoring tools, such as SIEM systems, IDS/IPS, and firewalls.
- Analyze security logs and reports to identify suspicious activities and potential security breaches.
- Ensure compliance with relevant regulations and standards, such as ISO 27001, PCI DSS, NIST and GDPR.
- Support internal and external audits by providing necessary documentation and evidence.
- Bachelor’s degree in Communication Engineering, Computer Science, Information Security, Cybersecurity, or a related field.
- 1-3 years of experience in information security, with a focus on security engineering and software security.
- Strong knowledge of security technologies, including firewalls, encryption, IDS/IPS, SIEM, and endpoint protection.
- Extensive experience in secure software development, application security, and threat modeling.
- Familiarity with secure coding practices and security testing methodologies.
- Relevant certifications such as CISSP, CEH, OSCP, or similar.
- Experience with cloud security, network security, and application security.
- Excellent problem-solving skills and the ability to handle complex security challenges.
- Strong communication skills, with the ability to explain technical concepts to non-technical stakeholders.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search