Cybersecurity Engineer

Contract / Temporary

Job Reference
Cybersecurity Engineer
Job Type
Contract / Temporary
Salary Details
AED 30k – 38k p/m
Start Date

Apply now

Get in touch with us for more information

Job description

Cybersecurity Engineer – AED 30k – 38k p/m
Initial 12 Month Contract

An opportunity for an experienced Cybersecurity Engineer has arisen to work for a prestigious organisation based in Dubai. As a successful candidate you will be responsible for executing and continuously refining the security verification processes defined by the assurance program consisting of risk assessments, vulnerability assessments and penetration tests based on industry best practices. Also, assist in evolving the assurance program on an ongoing basis to incorporate industry best practices, offensive and defensive attack techniques. This is an initial 12 month contract, with the expectation of further extension, or eventually becoming permanent.

Skills / Experience
• Certifications:
- Offensive Security Certified Professional (OSCP) – Preferred
- GIAC Web Application Penetration Tester (GWAPT) – Preferred
- Certified Information Systems Security Professional (CISSP) – Preferred
• Software engineering experience preferably with Java and .NET technologies.
• Experience building tools and processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases.
• Expertise with browser security controls (CSP, XFO, HSTS, etc.), web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH, JWT).
• Experience in database, application, and web server security design, implementation & review.
• Knowledge on Infrastructure Security is a plus.

Role Overview:
- Execute in-depth automated and manual discovery of security vulnerabilities in web applications, mobile applications, web services and client server application and associated infrastructure
- Execute thorough verification of the vulnerabilities found during the assessment and associated risk as per assessment framework
- Write comprehensive security assessment reports and make appropriate recommendations for the vulnerabilities that are identified during the security assessments
- Provide necessary knowledge transfer of the vulnerabilities found during the assessments to the software engineering teams by means of meetings, walkthroughs, technical discussions etc. for implementing appropriate security fixes.
- Track all the identified security weaknesses and risks through their life-cycle from identification to resolution to verification and closure through the Information Security Risk Tracking system.
- Partic