Uni Club - Security Engineer I - CISSP Certified (1-3 yrs)

Job Description :

We are seeking a motivated and skilled Security Engineer-1 to join our dynamic team. The ideal candidate will have hands-on experience in security testing across all domains and possess a strong understanding of information security compliance requirements. This role will be responsible for ensuring the security and integrity of our systems, networks, and data, as well as contributing to the development and implementation of security policies and procedures.

Responsibilities :

- Perform security testing including vulnerability assessments, penetration testing of Web Application, API, Mobile applications, Infra and Cloud.

- Provide detailed reports on findings, including steps for remediation and recommendations for improving security posture

- Monitor security vulnerabilities, threats, and events in information systems and networks.

- Assist in the development and maintenance of Information security compliance.

- Conduct compliance assessments and audits to ensure adherence to regulatory requirements (e.g.,PCI DSS, Data Localisation, SAR Audits).

- Excellent understanding & experience of handling security standards and frameworks such as CSA CCM, ISO 27001, NIST CSF, PCI-DSS..

- Additionally, have knowledge of third-party security assessments, control frameworks and BIAs, you can triage new or changing security requirements, security issues, third party, customer or external potential risks. You know how to maintain and develop documentation.

- Collaborate with cross-functional teams to integrate security into the development lifecycle and infrastructure projects.

- Respond to security incidents, conduct forensic investigations, and recommend corrective actions.

- Stay current with industry trends, emerging threats, and security technologies.

- Strong knowledge of security testing methodologies and tools (e.g., Nmap, Metasploit, Burp Suite).

- Familiarity with regulatory requirements and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework).

- Experience with managing and implementing security controls and technologies.

- Excellent analytical and problem-solving skills.

- Effective communication skills with the ability to explain complex technical issues to non-technical stakeholders.

- Relevant certifications (e.g., CEH, CISSP, Security+, OSCP) are a plus.