Key responsibilities:

• Develop, implement, and monitor security measures, including controls, defenses, and countermeasures, to prevent and intercept attempts at unauthorized access to company emails, data, e-commerce, and web-based systems.
• Manage the administration of cybersecurity policies to regulate both physical and virtual access to systems.
• Conduct comprehensive vulnerability assessments, penetration testing, and source code reviews for web applications to strengthen the security of critical assets.
• Provide support and guidance on maintaining hardware, software, and network security measures, including firewalls and encryption protocols.
• Formulate recommendations and design secure architectural configurations to ensure the integrity and confidentiality of operations.
• Perform network security audits and tests; assess system security setups to ensure their effectiveness and compliance with established policies and procedures.
• Respond promptly to cybersecurity incidents, detect intrusions, and mitigate threats by isolating and eliminating unauthorized access.
• Investigate cybersecurity threats, conduct thorough root cause analyses, and stay abreast of the latest security trends and techniques.
• Assists in the creation and implementation of security solutions.
• Assist in the incident management process.
• Assist in IS audits process (ISO 27001, PCI DSS, ISO 27018, SOC2).
• Oversee and guide the implementation of organizational policies and rules in individual technical processes.

Requirements:

• Proven track record of execution and security-focused role and deep understanding of software development methodologies;
• Will be a huge plus if you already worked with Greenbone /BurpSuite/ Fossa;
• Expertise in identifying common application vulnerabilities, attack vectors, and implementing effective mitigation techniques;
• Hands-on experience with security tools like static and dynamic analysis tools, web application firewalls, etc.;
• Familiarity with security standards and frameworks (e.g., OWASP, NIST, ISO 27001);
• Outstanding communication skills to effectively collaborate with both technical and non-technical stakeholders;
• Strong analytical and problem-solving capabilities to address complex security issues;
• Ability to work autonomously and collaboratively, managing priorities to deliver high-quality results within established deadlines;
• Understanding of specifics of threat modeling in cloud technologies, and CDN operations;
• Experience in conducting security system tests for performance and availability, including disaster recovery planning;
• Collaborative work experience with development engineers.