Cybersecurity Engineer
Recruiter
Listed on
Location
Salary/Rate
Type
This job has now expired please search on the home page to find live IT Jobs.
Cybersecurity Engineer - AED 30k - 38k p/m
Initial 12 Month Contract
Dubai
An opportunity for an experienced Cybersecurity Engineer has arisen to work for a prestigious organisation based in Dubai. As a successful candidate you will be responsible for executing and continuously refining the security verification processes defined by the assurance program consisting of risk assessments, vulnerability assessments and penetration tests based on industry best practices. Also, assist in evolving the assurance program on an ongoing basis to incorporate industry best practices, offensive and defensive attack techniques. This is an initial 12 month contract, with the expectation of further extension, or eventually becoming permanent.
Skills / Experience
*Certifications:
-Offensive Security Certified Professional (OSCP) - Preferred
-GIAC Web Application Penetration Tester (GWAPT) - Preferred
-Certified Information Systems Security Professional (CISSP) - Preferred
*Software engineering experience preferably with Java and .NET technologies.
*Experience building tools and processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases.
*Expertise with browser security controls (CSP, XFO, HSTS, etc.), web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH, JWT).
*Experience in database, application, and web server security design, implementation & review.
*Knowledge on Infrastructure Security is a plus.
Role Overview:
-Execute in-depth automated and manual discovery of security vulnerabilities in web applications, mobile applications, web services and client server application and associated infrastructure
-Execute thorough verification of the vulnerabilities found during the assessment and associated risk as per assessment framework
-Write comprehensive security assessment reports and make appropriate recommendations for the vulnerabilities that are identified during the security assessments
-Provide necessary knowledge transfer of the vulnerabilities found during the assessments to the software engineering teams by means of meetings, walkthroughs, technical discussions etc. for implementing appropriate security fixes.
-Track all the identified security weaknesses and risks through their life-cycle from identification to resolution to verification and closure through the Information Security Risk Tracking system.
-Participate in evolving the assurance program on an ongoing basis to incorporate industry best practices, offensive and defensive attack techniques
-Collaborate with software engineering teams to ensure a better understanding of the business and have to get more context for each assessments that needs to be carried out.
-Collaborate with application development teams on improving security in the Software Development Life Cycle (SDLC) by offering awareness, training, new tooling and expert review
This role may suit candidates, who hold the following job titles: Cyber Security Analyst, Network Security Analyst, Cyber Security Engineer, Threat Analyst, Cyber Threat Analyst, IT Security Analyst
Deerfoot IT Resources Ltd is a leading specialist recruitment business for the IT industry. We will always email you a full role specification, name our client and wait for your email authorisation before we send your CV to this organisation. Deerfoot IT: Est. 1997. REC member. ISO certified. *Each time we send a CV to a recruiting client we donate £1 to The Born Free Foundation (charity no. 1070906).
Deerfoot is acting as an Employment Agency in relation to this vacancy.
