Cyber Sec Archt/Engr II

Cyber Sec Archt/Engr II

Roles and Responsibilities:

• Serve as an individual contributor within the Product Security Assurance Team, with minor team leadership accountabilities.
• Provide mentorship, expertise, and direction to junior team members, assisting with internal team training.
• Champion strategic Product Security initiatives and ensure client deliverables are met on time.
• Proactively anticipate and address escalations related to product security.
• Lead initiatives to engineer more effective security solutions and develop robust methodologies.
• Determine scoping requirements and deliver comprehensive Security Testing across various product domains.
• Assist in the development of modular, repeatable, and effective Security Testing processes.
• Partner with the Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools.
• Collaborate with cross-functional teams to develop practical remediation suggestions for identified vulnerabilities.
• Report observations using standardized reporting structures and assist in the development of secure-by-design principles.

Skills Requirement:

• Demonstrated experience in penetration testing across various domains (Web, Network, Mobile App, Thick Client, API, Web services, Cloud, Containers).
• Understanding of application protocols, development, and common attack vectors.
• Strong cybersecurity capabilities coupled with solid software engineering skills.
• Experience with penetration testing tools and frameworks such as Burp Suite, IDA Pro, GHidra, Kali, OWASP, Metasploit, Nessus, Nmap, MObSF, Genymotion, Frida, and APK Tool.
• Scripting experience in Python, Powershell, and Bash is preferred.
• Experience working with other programming languages such as C, C++, Java, .NET, or JavaScript.
• Excellent understanding of security by design principles and architecture-level security concepts.
• Up-to-date knowledge of current and emerging security threats and techniques for exploiting vulnerabilities.
• Effective oral and written communication skills and good interpersonal skills.
• Demonstrated project management skills.
• Relevant Security certifications such as CEH, OSCP, or GPEN are highly valued.
• Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques.
• Experience in integrating pentest tools into CI/CD pipelines.

QUALIFICATION:

• Bachelor's degree in Computer Science, Software Engineering, Electrical Engineering, or equivalent experience.