Senior SecOps & Cybersecurity Engineer

Position: Full-time

Location: Hybrid (Remote with 2 days in-office, once a week)

Salary: Negotiable

Start Date: Immediate

Job Description

We are seeking a skilled Senior SecOps & Cybersecurity Engineer to join our team in a hybrid role, offering the flexibility of remote work with two in-office days per week. This position is essential for securing and enhancing our infrastructure while safeguarding our web and mobile applications. The ideal candidate will be proactive, focused on threat detection and prevention, and adept at fortifying our systems in a dynamic, fast-paced environment.

Key Responsibilities

• Strengthen infrastructure security by implementing best practices and mitigating vulnerabilities.
• Continuously test and monitor systems, applications, and networks to detect and respond to security threats.
• Perform penetration testing on infrastructure, websites, and iOS/Android applications to identify and address vulnerabilities.
• Develop and maintain automated security testing frameworks within CI/CD pipelines.
• Collaborate with development, DevOps, and operations teams to ensure security from the ground up.
• Identify and remediate security gaps in network architecture, system configurations, and application code.
• Lead incident response efforts and implement measures to prevent future occurrences.
• Stay updated with the latest security trends and technologies, applying them to enhance infrastructure security.
• Draft and maintain security policies, procedures, and documentation for compliance.
• Mentor and train team members on security best practices.
• Coordinate with external partners to assess security compliance and manage third-party testing.

Requirements

• Senior-level experience in SecOps, Cybersecurity, or a related field.
• Proven expertise in penetration testing and vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP, Metasploit).
• Hands-on experience with infrastructure as code, cloud security (AWS, Azure, or Google Cloud), and CI/CD security integration.
• Proficiency in security automation tools and scripting (e.g., Python, Bash, PowerShell).
• Knowledge of best practices for securing web and mobile applications (iOS and Android).
• Solid understanding of network security protocols and cybersecurity frameworks (NIST, ISO/IEC 27001).
• Experience with risk assessment, threat modeling, and mitigation strategies.
• Ability to work independently and manage multiple projects effectively.
• Excellent analytical, problem-solving, and communication skills.
• Experience in a startup or agile environment is a plus.