Cyber Security Engineer

Role Description

The Cybersecurity Engineer will play a critical role in strengthening and operating the client’s security operations program, with strong emphasis on Fortinet firewall administration, ISO 27001 compliance, continuous monitoring using Wazuh SIEM, and end-to-end Vulnerability Assessment & Penetration Testing (VAPT). The role ensures a multi-layered, proactive security posture across infrastructure, applications, and cloud environments.

While Security Operations is the primary responsibility, the engineer will also support secure SDLC activities such as code reviews and SAST. AI automation and agent workflows are optional and treated as low-priority support functions.

Key Responsibilities

• Administer and optimize Fortinet Firewall (FortiGate) including firewall rules, VPNs, IPS / IDS, routing, logging, and continuous monitoring.
• Maintain and monitor Wazuh SIEM for log collection, correlation rules, dashboards, threat detection, and incident response workflows.
• Perform real-time monitoring, alert triage, incident analysis, and escalation.
• Conduct internal / external VAPT assessments across network, applications, APIs, and cloud workloads.
• Manage endpoint protection, anti-malware, and host-based intrusion detection.
• Perform continuous infrastructure hardening for servers, endpoints, and network devices.
• Lead root-cause analysis for incidents and ensure long-term corrective actions are implemented.
• Perform scheduled vulnerability scanning, penetration testing, and exploit verification.
• Track and prioritize vulnerabilities using a structured risk-based approach and collaborate with engineering teams for timely remediation.
• Review cloud security configurations (AWS / Azure / GCP), container security, and API security.
• Implement and maintain ISO 27001 : 2022 controls specifically related to Operations Security, Network Controls, Access Control, Logging & Monitoring, Backup, and Secure Configuration.
• Prepare audit-ready evidence and documentation for internal / external ISMS audits.
• Conduct periodic user access reviews, privilege reviews, and ensure enforcement of least-privilege principles.
• Execute SAST security reviews, dependency scans, and basic secure code assessments during development.
• Integrate security checks into CI / CD pipelines (GitLab / GitHub Actions / Jenkins).
• Support developers with secure coding guidance and review of critical code blocks.
• Maintain DAST / SCA scans for production and pre-release environments.
• Assist in building optional n8n / Flowise automation workflows for evidence collection, access reviews, or recurring SOC tasks.

Qualifications