Penetration Tester

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE,

while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia

Location : Pune

https : / / isa.ae /

Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8 / 1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045

Job Title : Security Engineer (Penetration Tester)

Job Type : Full-time

Reports To : Security Architect

Job Overview : We are seeking a

highly skilled Security Engineer

to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for

firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing

Microsoft security layers

to strengthen the organization's security posture.

Key Responsibilities :

1. Firewall, Endpoint & WAF Security

Design, configure, and manage

firewalls

(Palo Alto, Fortinet, Cisco ASA, Check Point).

Deploy and maintain

Web Application Firewalls (WAF)

for web security (Cloudflare, Imperva, AWS WAF).

Implement

Endpoint Detection & Response (EDR)

solutions like

Microsoft Defender for Endpoint, CrowdStrike, SentinelOne .

Conduct regular firewall rule audits, optimize configurations, and enforce

Zero Trust principles .

2. Microsoft Security Layer Implementation

a. Microsoft Email Security

Configure and manage

Microsoft Defender for Office 365

to protect against phishing, malware, and email threats.

Implement

Safe Links, Safe Attachments, and Anti-Phishing policies .

Monitor and respond to email security alerts in

Microsoft Security Portal .

Conduct

email security threat hunting

using Defender for O365 and advanced hunting queries.

b. Microsoft Endpoint Security

Deploy and manage

Microsoft Defender for Endpoint (MDE)

to protect corporate devices.

Enforce

attack surface reduction (ASR) rules

for endpoint protection.

Configure

endpoint compliance policies

using

Microsoft Intune .

Implement

DLP (Data Loss Prevention) policies

to prevent data exfiltration.

c. Compliance & Risk Management

Implement and monitor

Microsoft Purview Compliance Manager

for risk assessment.

Enforce

Information Protection & Encryption Policies

using Microsoft Purview.

Configure and manage

Conditional Access Policies

in

Microsoft Entra ID .

Ensure compliance with security frameworks like

ISO 27001, NIST, CIS, and GDPR .

3. Dark Web Monitoring & Brand Protection

Monitor

dark web forums, marketplaces, and underground networks

for stolen credentials, data leaks, and insider threats.

Implement

dark web intelligence tools

such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence.

Work with

threat intelligence platforms

to detect and respond to

brand impersonation, phishing sites, and fraudulent domains .

Collaborate with

legal and compliance teams

to enforce takedowns of malicious content.

4. Fraudulent Incident Investigation & Threat Hunting

Investigate

fraud incidents, phishing attempts, and business email compromise (BEC) .

Conduct

forensic analysis

on compromised endpoints, servers, and email accounts.

Develop and implement

threat intelligence and threat hunting

processes.

Work closely with

SOC teams for incident response and mitigation .

5. VAPT & IT Security Operations

Perform

Vulnerability Assessments & Penetration Testing (VAPT)

on infrastructure, applications, and cloud environments.

Implement and manage

intrusion detection / prevention systems (IDS / IPS) .

Monitor, analyze, and mitigate vulnerabilities from

external and internal security scans .

Work with teams to remediate vulnerabilities and harden IT assets.

6. IT Security & Compliance Management

Develop and enforce

security policies, standards, and procedures .

Implement

Zero Trust Architecture and IAM policies .

Conduct security awareness training and phishing simulations.

Ensure compliance with

ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards .

Required Qualifications & Skills :

Technical Skills :

Firewall & Network Security :

Palo Alto, Fortinet, Cisco ASA, Check Point

Microsoft Security Stack :

Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance

Endpoint Security & EDR :

Microsoft Defender, CrowdStrike, SentinelOne

WAF & Web Security :

Imperva, AWS WAF, Akamai, Cloudflare

VAPT & Red Teaming :

Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP

SIEM & Threat Intelligence :

Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK

Cloud Security :

Azure Security Center, AWS Security Hub, GCP Security Command Center

IAM & Zero Trust :

Okta, Microsoft Entra ID, Conditional Access Policies, PAM

Dark Web & Brand Monitoring :

Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence

Soft Skills :

Strong analytical and problem-solving skills.

Excellent communication and stakeholder management abilities.

Ability to work independently and in cross-functional teams.

Proactive security mindset

with attention to detail.

Certifications (Preferred, but not mandatory) :

CISSP

– Certified Information Systems Security Professional

CEH

– Certified Ethical Hacker

OSCP

– Offensive Security Certified Professional

CISM / CISA

– Certified Information Security Manager / Auditor

Microsoft Certified : Cybersecurity Architect (SC-100)

Microsoft Certified : Security Operations Analyst (SC-200)

Microsoft Certified : Information Protection Administrator (SC-400)

Experience Required :

5+ years

of experience in

IT Security, Cybersecurity, and Threat Intelligence .

Hands-on expertise in

firewall management, endpoint security, WAF, email security, and compliance .

Strong experience in

fraud investigation, dark web monitoring, and brand protection .

Proven ability to

secure cloud, hybrid, and on-premise environments .

Please send resumes to careers@isa.ae