Cybersecurity Engineer (X9YWVY43)

Role Overview

We are seeking a detail oriented and technically strong Cybersecurity Engineer to support enterprise information security, IT risk management, network security, vulnerability assessments, incident response, and compliance within the banking industry.

The selected candidate will be responsible for maintaining secure IT infrastructure, monitoring security threats, supporting penetration testing, strengthening security controls, and ensuring information security practices are aligned with ISO 27001, CIS controls, and internal compliance requirements.

Key Responsibilities

• Execute enterprise information security and IT risk management activities to ensure effective controls are in place to protect company assets.
• Support security controls based on ISO 27001, CIS, and other relevant security frameworks.
• Manage continuous security maintenance of IT networks, servers, user identities, and endpoint devices.
• Implement and manage security infrastructure including firewalls and Secure Access Service Edge solutions.
• Conduct vulnerability assessments and support penetration testing of applications and perimeter systems using tools such as OWASP ZAP.
• Support DevSecOps processes by identifying and addressing application security risks.
• Analyze IT security threats and support timely mitigation actions.
• Ensure secure configuration of IT assets across networks, systems, and devices.
• Review newly acquired technology to ensure compliance with IT security requirements.
• Conduct regular vulnerability assessments on online resources and provide periodic IT network security updates to management.
• Manage information security incidents, including investigation, recovery, corrective action, and prevention activities.
• Participate in architecture discussions and provide security input on risk, compliance, and solution design decisions.
• Support employee cybersecurity awareness by assisting in preparing training materials on threats and countermeasures.
• Attend training sessions to improve knowledge in advanced and emerging cybersecurity areas.
• Provide updates to compliance committees and complete assigned action items to avoid nonconformities.

Candidate Profile

• Bachelor's degree with specialization in Information Technology or a related field.
• Minimum 1 to 3 years of experience in cybersecurity, information security, IT risk, or a similar capacity.
• Experience in conducting or participating in application security penetration testing.
• Professional qualifications from ISACA, ISC2, or Global Information Assurance Certification will be an added advantage.
• Understanding of security controls, frameworks, and IT risk management principles.
• Sound knowledge of network security controls, operating systems, and incident response management.
• Knowledge of vulnerability assessment tools, penetration testing 
• methods, and secure configuration practices.
• Familiarity with ISO 27001, CIS controls, firewalls, DevSecOps, and 
• application security testing will be preferred.
• Good planning and organizing skills.
• Strong quality focus with high attention to detail.
• Good analytical, problem solving, and communication skills.
• Ability to work in a regulated banking environment with confidentiality, accuracy, and professionalism.