Senior Engineer - Security - Emirati Hiring

Senior Engineer - Security - Emirati Hiring

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses. As part of the Space & Cyber Technologies cluster at EDGE, one of the world’s leading advanced technology groups, KATIM delivers trust in a world where cyber risks are a constant threat, and fulfills the increasing demand for advanced cyber capabilities by delivering robust, secure, end-to-end solutions centered on four core business units: Networks, Ultra Secure Mobile Devices, Applications, and Satellite Communications. Our talented team of cross-functional experts continually takes on new challenges. We work with the energy of a start-up yet the discipline of a large business to make solutions and products work for our customers at scale.

As a Senior Security Engineer, you will play a pivotal role in safeguarding KATIM's infrastructure and products. This position requires the design, implementation, and management of sophisticated security measures to defend against evolving threats. The ideal candidate will have a comprehensive understanding of security principles and standards, hands-on expertise with security technologies, and a proven ability to lead projects and deliver results within deadlines. Collaboration with cross-functional teams is essential to ensure that security is seamlessly integrated into every aspect of our technological framework.

Key Responsibilities:

1. Contribute to develop and implement robust security architectures for KATIM’s systems and applications, ensuring alignment with industry best practices and regulatory requirements.
2. Create and maintain comprehensive documentation for security architectures and solutions.
3. Oversee and, when necessary, contribute to the configuration and operation of a comprehensive suite of security tools and technologies, including firewalls, IDS/IPS, WAF, proxies, email security, DLP, IRM/DRM, ATP, network infrastructure, and endpoint protection solutions.
4. Ensure the confidentiality, integrity, and availability of on-premise and cloud environments, servers, databases, laptops, firewalls, and other devices for secure data storage and transfer.
5. Establish new network security standards, including policies, security review processes, and guidelines for routers, firewalls, switches, and wireless access points.
6. Collaborate with development and infrastructure teams to integrate security best practices into system designs.
7. Evaluate various solutions from a security perspective and provide assessment reports.
8. Work with relevant teams to prioritize and address vulnerabilities promptly.
9. Oversee the identification, assessment, and remediation of security vulnerabilities across all systems and networks.
10. Review and audit security implementations to ensure compliance and effectiveness.
11. Ensure compliance with industry standards, regulations, and frameworks (e.g., ISO 27001, NIST, CIS, GDPR).
12. Clearly communicate security risks, incidents, and updates to management and relevant stakeholders.
13. Conduct security training and awareness programs for employees to foster a culture of security within the organization.
14. Stay informed about the latest security trends, technologies, and threat intelligence to continuously enhance the organization’s security posture.
15. Propose and implement improvements to existing security processes and technologies.

Education and Minimum Qualification:

1. Bachelor's or Master's degree in Computer Science or a related field.
2. 8-10 years of experience with hands-on expertise in developing, operating, and maintaining security technologies.
3. Strong understanding of web application security and mobile application security.
4. Familiarity with threat modelling techniques such as STRIDE, DREAD or PASTA.
5. Knowledge of cryptographic tools and techniques.
6. Experience with cloud security, container security and API security.
7. Experience in implementing DevSecOps requirements as per ISO, NIST, CSA and CIS best practices.
8. Understanding of CI/CD processes and how security can be integrated into them.
9. Familiarity with DevOps and related tools such as Jenkins, GitLab, Docker, Kubernetes and Ansible.
10. Experience with security tools such as DAST, SAST, SCA, and open source tools such as Burp Suite, Metasploit, OWASP ZAP.
11. Familiarity with administrative tasks within popular operating systems like RHEL and Ubuntu.

Key Skills:

1. Excellent written and verbal communication skills.
2. Strong problem-solving skills and attention to detail.
3. Certifications such as CISSP, CISM, OSCP or CEH are a plus.