Security Engineer / Architect

Introduction:

The candidate is a highly skilled cybersecurity professional with extensive experience in security engineering, consulting, and analysis across multiple industries. They have a strong background in designing secure product features, implementing security processes, and assessing the security of hardware, firmware, and software applications. Their expertise includes penetration testing, threat modeling, secure code reviews, and advancing the Secure Software Development Lifecycle (SSDLC) through static and dynamic analysis. They have led incident response efforts, developed detection rules for security monitoring, and implemented comprehensive security policies and compliance frameworks. With a deep understanding of cloud security, they have successfully integrated security information and event management (SIEM) solutions and developed security detection rules to strengthen cloud environments.The candidate has also been instrumental in deploying security solutions, including SIEM, endpoint detection and response (EDR), web application firewalls (WAF), data loss prevention (DLP), and vulnerability scanners. Their experience extends to IoT security, reverse engineering, and firmware assessments, ensuring the robustness of connected devices. They have played a crucial role in security operations, simulating attack scenarios, optimizing SOC capabilities, and implementing security governance strategies. Additionally, their expertise in network and infrastructure security includes system hardening, Active Directory security, and access control management.

Beyond technical security, they have led training initiatives, educating developers and engineers on secure coding practices and cybersecurity best practices. Their background also includes vulnerability management, risk assessment, and security audits, ensuring organizations adhere to industry standards and regulatory requirements. With a strong foundation in system administration, IT support, and embedded electronics, they bring a diverse technical skill set, enabling them to tackle complex security challenges. Their leadership in building and managing security teams, coupled with continuous research in emerging cybersecurity threats, makes them a well-rounded and highly capable security professional.

Responsibilities:

• Assist in designing and implementing secure product features.
• Conduct security assessments for hardware, firmware, and software applications.
• Develop security requirements and ensure compliance with regulations and standards.
• Perform penetration testing on networks, applications, and IoT devices.
• Conduct threat modeling and attack simulations to identify vulnerabilities.
• Review third-party security reports and validate findings.
• Develop and implement incident response plans and security policies.
• Investigate security incidents, analyze logs, and conduct forensic analysis.
• Perform threat hunting, malware analysis, and security monitoring.