Cyber Security Expert

Cybersecurity Expert

Responsibilities:

• Lead Product Security Initiatives: Champion cybersecurity across the Secure Development Lifecycle (SDLC), ensuring security is embedded from design to deployment.
• Define Secure Development Standards: Establish and enforce secure coding practices, architectural guidelines, and design principles to protect products from emerging threats.
• Collaborate with Development Teams: Partner with engineers and architects to integrate security measures into application design, code, and infrastructure.
• Conduct Security Assessments: Perform vulnerability assessments, static and dynamic code analysis, and penetration testing to proactively identify and mitigate risks.
• Support Advanced Security Testing: Validate the effectiveness of implemented controls through targeted security and penetration tests.
• Act as a Security Advisor: Provide expert guidance on secure architecture, third-party integrations, and compliance with relevant standards and regulations.
• Drive Continuous Improvement: Stay ahead of evolving cyber threats, refine security practices, and promote DevSecOps adoption across teams.

Educational Qualification: BE / B.Tech / MCA or equivalent

Required Skills & Experience:

• Cybersecurity Expertise: Minimum 3 years hands on experience as Cybersecurity engineer with overall experience of 10+ years. Strong understanding of security principles, risk management, and secure development lifecycle practices.
• Software Development Knowledge: Proficiency in programming/scripting (e.g., Python, PowerShell) and ability to guide secure implementation practices.
• Azure DevOps Expertise: Hands-on experience managing security tasks, integrating security tools, and automating checks in CI/CD pipelines.
• Agile Environment Experience: Proven track record of working in agile teams, contributing to secure coding, process improvement, and vulnerability management.
• Communication Skills: Ability to articulate complex security concepts clearly to both technical and non-technical audiences.
• Security Testing Experience: Experienced in security processes such as threat modeling, risk assessment, secure guidelines, vulnerability monitoring and penetration testing.
• Cloud Security Knowledge: Experience with cloud environments (Azure, AWS) and awareness of certifications such as C5 and TX-RAMP.
• Solid knowledge in ISO270xx series and Vulnerability Management, and Operations Security
• Profound expertise in Identity and Access Management (Authentication, Authorization) with OAuth2.0 and OpenID Connect is strongly desired

Preferred / Nice-to-Have Skills

• DevSecOps Integration: Familiarity with embedding security practices within CI/CD pipelines.
• Linux & Container Security: Knowledge of securing Linux-based systems and containerized environments (e.g., Docker, Kubernetes).