DISCOVER OUR EXPERTISE
Senior Security Engineer
- Posted 23 February 2024
- Salary 35-40K AED p/m and benefits
- LocationDubai
- Job type Permanent
- Discipline InfoSec & Cybersecurity
- Contact NameBrett Lockett
Job description
We are currently partnering with a leading e-commerce client who are looking to add to their existing security engineering team in Dubai.
As a Senior Security Engineer, you will work on next-generation technology platforms and utilize the very latest tools across application/product security.
If you are an experienced security professional who is hungry for a new adventure in an international workplace then this is the perfect role for you.
Responsibilities:
• Craft and implement a comprehensive cloud security plan for our Cloud environment.
• Create, implement and maintain security automation tools as required for monitoring vulnerabilities, misconfiguration and incidents.
• Apply appropriate security controls to cloud services to protect against potential threats.
• Collaborate with the responsible engineers to resolve identified security weakness.
• Champion security with development teams to make their code more secure, primarily through automated code review by integrating the checks into the CICD pipeline.
• Act as technical leader for security incident management and related forensics analysis (first responders).
• Provide security event analysis and escalation for identified threats.
• Oversee evaluation and trials of innovative cyber products to recommend based on alignment with business objectives.
• Create documentation, publish and deliver training sessions to the team.
Skills / Experience Required:
• Bachelor’s degree in computer science, Information Security or equivalent experience required.
• Proficiency in C# (other languages like C, C++, Python, Java, Ruby or assembler are a plus).
• You can read and break code in C# (other languages like Python, Java, C/C++ and PHP are a plus).
• Working knowledge of common application and network security assessment tools and techniques.
• Experience with different types of attack vectors like DoS/DDoS, SQL injection, Session Hijacking, Cross Site Scripting (XSS)...etc.
• Experience with vulnerability management (identifying, tracking, prioritizing, and collaboration with responsible teams to resolve).
• Experience in security and compliance frameworks like NIST, ISO, data protection, PCI.
• Experience working in cloud environments, CI/CD, iaC, and solutions architect is a plus.
• Experience working with network security and analysis tools such as IDS/IPS, sniffers, WAFs, firewall ACLs is a plus.
• Certifications like CISSP, CISM, CEH, OSCP, OSCE are a plus.