Indivara Group
Linkedin · Posted 2mo ago
Cyber Security
Continue to application
Add your email once, then Caio opens the original posting.
Indexed description
Key Responsibilities
- Monitor, analyze, and respond to security incidents across applications, Linux servers, and cloud infrastructure.
- Design and implement security controls using Secure-by-Design / Security-by-Default principles.
- Collaborate with developers to review application architecture, configurations, and security-relevant code.
- Support and participate in penetration testing (web, API, infrastructure), including validation of findings and remediation.
- Perform basic threat modeling and risk assessment for new and existing systems.
- Improve security logging, monitoring, and alerting using SIEM and endpoint security tools.
- Participate in incident response, root cause analysis, and post-incident reviews.
- Maintain practical security guidelines and best practices for engineering teams.
- Hands-on Linux experience (daily usage, basic processes, permissions, networking, and log analysis).
- Ability to read and understand application code for security analysis (Python, Java, JavaScript, or similar).
- Experience supporting or conducting penetration testing or vulnerability validation (not limited to scanning only).
- Understanding of web & API security fundamentals (OWASP Top 10).
- Exposure to applying Secure-by-Design principles within SDLC.
- Understanding of attacker techniques and common attack paths.
- Experience analyzing vulnerabilities and distinguishing false positives vs real risks.
- Basic experience securing AWS resources (IAM usage, EC2/Linux hardening basics, logging).
- Understanding of SIEM concepts (log sources, alerting, basic correlation).
- Basic knowledge of EDR/XDR and endpoint incident response concepts.
- Ability to clearly explain security risks and remediation to technical and non-technical stakeholders.
- Hands-on experience with pentest or security tools (Burp Suite, Metasploit, Nessus, etc.).
- Exposure to SOAR or incident response automation; scripting with Python/Bash.
- Experience with SIEM/HIDS platforms (Wazuh, ELK, Splunk, or equivalent).
- DevSecOps exposure (CI/CD security, automation).
- Container or Kubernetes security exposure.
- Familiarity with ISO 27001 controls or security compliance.
- Relevant certifications (OSCP, CEH, GWAPT, Security+, or equivalent).
- Experience in fintech, banking, or high-risk transaction environments.
- Strong analytical and problem-solving mindset.
- Comfortable working under pressure during incidents.
- Good communication with developers and operations teams.
- High ownership and continuous learning mindset.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search
Want help applying to roles like this?
Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent