Cyber Security Engineer

Avrioc Technologies, headquartered in Abu Dhabi, UAE, specializes in developing applications, software, games, and AI models that enhance daily experiences. Its offerings include CBUAE Licensed Fintech solution, AI-driven products, indoor cycling platform, VoIP application, and freelance platform. The company is dedicated to innovation and continuous growth, aiming to transform ordinary experiences into extraordinary ones.

Responsibilities:

• The Cyber Security Engineer will report to the Cyber Security Lead. This role requires hands-on expertise in securing cloud environments, applications, and performing VAPT as a part of red team. The ideal candidate will work on the ground to implement security controls, perform assessments, and ensure a robust cybersecurity posture across the organization.
• Implement and maintain AWS Cloud Security Posture Management (CSPM) solutions to safeguard cloud infrastructure.
• Assess and enhance the security of Kubernetes environments, ensuring alignment with best practices.
• Conduct source code analysis and review to identify and address vulnerabilities.
• Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using industry-standard tools.
• Manage Web Application Firewalls (WAF) to protect against application-layer threats.
• Conduct comprehensive web and mobile application security assessments, identifying and mitigating risks.
• Integrate and maintain DevSecOps tools and practices into CI/CD pipelines to embed security in the development lifecycle.
• Implement and monitor software supply chain security measures, focusing on dependency and third-party library management.
• Perform threat modelling to proactively identify and address security weaknesses in applications and systems.
• Conduct vulnerability assessments and penetration testing (VAPT) to uncover and remediate security gaps.
• Collaborate with blue team teams to optimize SIEM (Security Information and Event Management), PAM (Privileged Access Management), and DAM (Database Activity Monitoring) solutions.
• Respond to and resolve identified threats, incidents, and vulnerabilities efficiently and effectively.

Qualifications:

• Bachelor's degree in information security, Computer Science, or a related field.
• 5-7 years of hands-on experience in cybersecurity roles with a focus on cloud, application, and infrastructure security.
• Certifications such as AWS Certified Security Specialty, OSCP, CEH, or similar are preferred but not mandatory.
• Proven experience with AWS Cloud Security tools, SAST/DAST tools, and DevSecOps practices.
• Practical knowledge in Kubernetes security and application security assessments.
• Proficiency in cloud security, application security tools, and DevSecOps workflows.
• Strong understanding of web and mobile application security standards (e.g., OWASP Top 10).
• Familiarity with security tools like WAFs, SIEMs, PAMs, and DAMs.
• Strong analytical and problem-solving skills, with the ability to work independently on tasks.