Senior Security Engineer

Company: KUBRA
Location: Tempe, AZ, USA
Salary: Not Provided
Type: Full-Time
Degrees: Bachelor’s, Master’s
Experience Level: Senior, Expert or higher

Requirements

  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
  • 7+ years of experience in cybersecurity, with a focus on Security Architecture, cloud and application security.
  • Strong knowledge of cloud security frameworks (AWS Well-Architected Framework, CSA-CCM, CIS Controls).
  • Experience with securing cloud-native applications, microservices, and containerized environments (Kubernetes, Docker).
  • Expertise in secure software development practices, including OWASP Top 10 and SAST/DAST methodologies.
  • Familiarity with DevSecOps principles and tools such as Terraform, GitHub Actions, or AWS CodePipeline.
  • Hands-on experience with identity and access management (IAM), encryption, and key management.
  • Proficiency in scripting and automation using Python, Bash, or PowerShell.
  • Experience with firewall technologies, network security principles, and secure network architecture design.
  • Experience with database security, including best practices for relational and NoSQL databases.
  • Experience with Infrastructure as Code (IaC) security and automation using Terraform, AWS CloudFormation, or similar tools.

Responsibilities

  • Identify and provide guidance on appropriate controls, based on industry standards, to drive a cloud and customer security solutions framework informed by business risk and cloud-native threats.
  • Develop and implement cloud security architectures focused on AWS.
  • Assist in developing an overall organizational data strategy that is in line with business processes and contractual requirements.
  • Establish and enforce secure application development practices, including secure coding, threat modeling, SAST/DAST and vulnerability management.
  • Conduct security assessments of cloud infrastructure, applications, and CI/CD pipelines.
  • Provide security guidance and best practices to Product and Service Delivery teams.
  • Define and implement security policies, standards, and procedures for cloud and application security.
  • Work with engineering and operations teams to integrate security controls within cloud-native services.
  • Lead security reviews, architecture assessments, and risk analysis for new and existing applications.
  • Monitor security trends, vulnerabilities, and threats in cloud and application security domains.
  • Collaborate with compliance teams to ensure adherence to regulations such as PCI-DSS, SOC 1/2, ISO 27001, etc.
  • Respond to security incidents and provide expertise in forensic analysis and remediation.
  • Design and implement network security controls, including firewall configuration and management.
  • Manage firewall solutions such as Akamai and cloud-native security services to protect applications and infrastructure.
  • Ensure robust network security by implementing intrusion detection/prevention systems (IDS/IPS), web application firewalls (WAFs), and DDoS mitigation strategies.
  • Design and implement database security controls, including data encryption, access control, and monitoring.
  • Conduct database vulnerability assessments and ensure compliance with security policies.
  • Work with database administrators to apply security best practices to relational and NoSQL databases.
  • Implement data masking, tokenization, and audit logging for sensitive data protection.
  • Develop and implement Infrastructure as Code (IaC) security best practices to ensure secure provisioning and configuration of cloud resources.
  • Ensure security is embedded in IaC templates using tools like Terraform and AWS CloudFormation.
  • Perform security architecture design reviews and provide recommendations to improve the security posture of KUBRA’s application, database, and cloud platforms.
  • Perform periodic testing, code analysis, and security assessments of KUBRA-owned applications.
  • Govern and watch over cloud security systems for change and configuration control, suggesting changes to further improve the overall security posture.
  • Partner with DevSecOps, Application and Infrastructure teams to ensure any vulnerabilities or issues are resolved per security guidelines.
  • Stay up to date with current cybersecurity risks and analyze trends to proactively prevent problems.

Preferred Qualifications

  • Industry certifications such as CISSP, CCSP, AWS Certified Security, or GIAC are preferred.