Security Engineer

Azeus is a leading IT services provider with more than 30 years of experience in successfully delivering IT solutions. We have clients in Europe, Asia Pacific, America, Africa, and Middle East. Throughout the years, our sound model of integrated operations has enabled us to build an extensive track record of developing large and complex IT systems for the public and private sectors. Azeus has delivered 250 IT projects to over 60 government departments and public authorities in Asia and Europe. The software products we developed have also achieved an international customer base spanning over 100 countries in both the public and commercial sectors.

Duties & Responsibilities:

• Conduct engagement with the Blue Team for the following:

1. Work with engineering and devops teams to implement security best practices
2. Implement and improve workflows to automate vulnerability detection as part of the software development lifecycle.
3. Review risks and patches of software components used in the applications.
4. Facilitate threat modelling as part of the software development lifecycle.
5. Help in security awareness training.
6. Help in implementing the needed controls for different certification bodies such as ISO 27001 and SOC Type 2

• Involve in Red Team activities:

1. Perform penetration testing of Web and Mobile (iOS, Android, Windows and Mac) applications.
2. Own the vulnerability management lifecycle from identification, remediation to reporting.
3. Active monitoring and detection of operational security risks in the organization.
4. Conduct technical investigations on security incidents and tools.
5. Liase directly with users on security enquiries and concerns during Pre-sales and Support

Education

Bachelor's Degree in Computer Science, Computer Engineering, Cybersecurity or related field

Experience

• At least 3-5 years of experience in cyber security.
• Solid understanding of cybersecurity principles, standards and protocols such as OWASP Top 10 and SANS Critical Security Controls atleast
• 2 years of experience with application security tools as Burpsuite, OWASP ZAP, Metasploit, Sonarqube (experience with Ghidra or IDA is a plus)
• atleast 2 years Experience with programming languages such as Java, Javascript, C/C++
• Experience with scripting languages such as bash or Powershell
• Experience and knowledge of cloud solutions and architectures such as AWS
• Experience and knowledge of Security information and event management (SIEM) technologies
• Good analytical skills
• Strong sense of ownership

Skills/Certifications/Languages (nice to have):

• Technical and industry certifications are a plus such as CISA, CISM, CISSP