We are looking for a Cybersecurity Engineer with expertise in penetration testing and security engineering to enhance the security of our cloud infrastructure, applications, and internal tools. The ideal candidate should have hands-on experience with Cloudflare WAF, API penetration testing, security automation, and cloud security practices.
Responsibilities:
- Penetration Testing: Conduct security assessments on APIs and internal applications, identifying vulnerabilities and providing remediation strategies.
- Security Automation: Develop and maintain security tools using Python, Bash, or other scripting languages.
- DevSecOps Integration: Work closely with developers and DevOps teams to integrate security best practices into CI/CD pipelines.
- Cloud Security: Implement and manage security controls in AWS while enforcing cloud security best practices.
- Source Code & Infrastructure Security: Secure source code and infrastructure using GitHub security features (e.g., Dependabot, CodeQL).
Infrastructure as Code (IaC): Preferably use Terraform to automate security policies and cloud resources
Requirements
- Hands-on experience in penetration testing, vulnerability assessment, and remediation for APIs and web applications.
- 2 years + of experience as minimum as Cyber Security Engineer
- Proficiency in scripting (Python, Bash, etc.) for automating security tasks.
- Solid understanding of cloud security principles (AWS experience is a plus).
- Familiarity with GitHub security best practices and integrating security into CI/CD pipelines.
- Experience with Terraform for Infrastructure as Code (preferred but not required).
- Proven experience with WAF configuration and security rule management.
Preferred Qualifications:
- Security certifications such as OSCP, eJPT, AWS Security Specialty, or equivalent.
- Experience in SOC operations, SIEM management, or incident response.
- Familiarity with container security (Docker, Kubernetes).
Benefits
- Training & Development
- Performance bonus
- Work from Home
