Security Engineer - Vulnerability Assessment / Penetration Testing

Key Responsibilities :

• Design, implement, and maintain security controls across cloud, on-premise, and hybrid environments.
• Perform threat modeling, vulnerability assessments, and penetration testing.
• Monitor, detect, and respond to security incidents using SIEM and SOAR tools.
• Develop and maintain incident response plans and playbooks.
• Ensure compliance with security frameworks (ISO 27001, NIST, PCI-DSS, GDPR, SOC 2).
• Collaborate with DevOps and Engineering teams to embed security in SDLC (DevSecOps).
• Administer and monitor firewalls, IDS / IPS, endpoint security, and identity management systems.
• Provide technical guidance on risk management, encryption, IAM, and data protection.
• Conduct security awareness training for Skills & Qualifications :
• 5-8 years of proven experience in information security, security engineering, or cybersecurity.
• Strong knowledge of network protocols, security architecture, firewalls, VPNs, IDS / IPS, and WAFs.
• Hands-on experience with SIEM tools (Splunk, QRadar, ELK, Sentinel).
• Proficiency in cloud security (AWS, Azure, GCP) including IAM, key management, and cloud compliance.
• Familiarity with secure coding practices, OWASP Top 10, and DevSecOps pipelines.
• Experience with vulnerability management tools (Nessus, Qualys, OpenVAS).
• Scripting knowledge in Python, PowerShell, or Bash for automation.
• Strong understanding of incident response lifecycle and digital forensics.
• Certifications preferred : CISSP, CEH, OSCP, CCSP, CISM, AWS / Azure Security Specialty.

(ref : hirist.tech)