Greetings from Netsach - A Cyber Security Company.
We are looking for Cyber security Engineer with 5to 8 yrs of strong experience in cybersecurity engineering, security architecture, or technical risk management.Network security technologies including firewalls, WAFs, IDS/IPS with ability to review their configuration from a security and compliance perspective.
Job Title: Cybersecurity Engineer
Exp: 5-8yrs
Contract Duration: 6 Months + Extension
Job Location: Dubai, Onsite
Interested candidates please share your resume at [HIDDEN TEXT] and please register at www.netsachglobal.com and send us your resume.
Job Description
Technical Expertise
- Strong understanding of network security technologies including firewalls, WAFs, IDS/IPS with ability to review their configuration from a security and compliance perspective.
- Hands-on experience with tools such as SIEM (e.g., Splunk, QRadar), SOAR, EDR/XDR, vulnerability scanners (e.g., Tenable, Qualys), and PAM solutions (CyberArk, BeyondTrust).
- Experience in securing cloud-native and hybrid environments.
- Familiarity with secure development practices, DevSecOps, and container security (e.g., Docker, Kubernetes).
- Proficiency in scripting (Python, PowerShell, Bash) to automate security tasks and analysis.
Required Skills and Qualifications (5-8 years of experience)
- Proven experience in cybersecurity engineering, security architecture, or technical risk management.
- Strong understanding of network, endpoint, cloud, and application security principles.
- Experience with vulnerability management, incident response, and threat modeling.
- Working knowledge of compliance and security frameworks: ISO 27001, UAEIA, NIST CSF, MITRE ATT&CK.
- Ability to communicate security risks and recommendations clearly to technical and non-technical audiences.
- Relevant certifications such as CISSP, OSCP, CEH, GCIA, CCSP, or equivalent are strongly preferred. 1
Key Responsibilities:
Security Architecture & Engineering:
- Design and implement secure architecture across IT and OT systems, ensuring defense-in-depth and secure-by-design principles.
- Develop and maintain security controls for infrastructure, endpoints, cloud, and applications.
- Validate the security of network, system, and cloud configurations to ensure alignment with architecture standards and compliance requirements.
Vulnerability & Risk Management
- Conduct regular vulnerability assessments and threat modeling for enterprise assets.
- Analyze and prioritize risks; coordinate remediation efforts with infrastructure and application teams.
- Ensure alignment of risk mitigation efforts with ISO 27001, UAEIA, and NIST standards.
Security Operations & Monitoring
- Review alerts, logs, and indicators of compromise to support continuous monitoring and response.
- Recommend and implement automation or tuning improvements to reduce false positives and improve detection accuracy.
Cloud & Application Security
- Engineer secure configurations and architectures for multi-cloud environments (AWS, Azure, GCP).
- Integrate security controls within CI/CD pipelines and DevSecOps practices.
- Participate in secure code review processes and support application security testing (SAST, DAST).
Incident Response & Forensics
- Provide technical leadership during cyber incidents, performing root cause analysis and digital forensics.
- Update incident playbooks and lead post-incident review sessions.
- Maintain evidence handling procedures aligned with regulatory and legal standards.
Compliance & Policy Alignment
- Ensure cybersecurity policies, standards, and procedures meet UAEIA, ISO 27001/27002, and internal audit requirements.
- Contribute to audit readiness by maintaining accurate technical documentation and access control records.
- Support internal reviews and regulatory assessments with technical input.
Stakeholder Collaboration
- Collaborate with SOC, IT infrastructure, application, risk, and audit teams to embed security into projects and operations.
- Review network and system architecture from a security perspective and provide risk-based recommendations.
- Participate in change management processes to evaluate security impact.
Key Deliverables
Security Architecture & Engineering
- Secure architecture diagrams, security design documentation, and technical standards.
- Assessment reports on system and infrastructure configurations with risk mitigation recommendations.
Vulnerability & Risk Management
- Regular vulnerability scan analysis, remediation tracking, and risk reports.
- Threat models and risk assessments aligned with business and regulatory priorities.
Security Operations & Monitoring
- Detection use case documentation and SIEM/SOAR correlation rules.
- Metrics dashboards showing alert fidelity and incident response improvements.
Cloud & Application Security
- CI/CD security validation checklists and application testing reports.
- Cloud security posture assessments and hardening reports.
Incident Response & Forensics
- Incident logs, investigation summaries, and post-incident reports.
- Updated IR playbooks and forensics documentation.
Documentation & Policy Alignment Deliverable:
- Technical SOPs and secure configuration baselines aligned with UAEIA and ISO 27001 standards.
- Audit-ready documentation for network changes and access controls.
Compliance & Policy Alignment
- Technical SOPs, access control documentation, and audit evidence packs.
- Logs of policy exceptions, changes, and mitigation actions.
Cybersecurity and Network Knowledge Deliverable:
- Quarterly security landscape report outlining relevant trends, risks, and recommendations for network security enhancements.
- Knowledge-sharing session logs or training materials developed for internal teams.
Security Architecture & Engineering
- Security architecture review reports and approval checklists for new or updated systems.
- Reference architectures for secure network segmentation, Zero Trust, and cloud environments.
- Implementation and validation reports for newly deployed security tools (e.g., EDR, DLP, SOAR).
- Security control design documents mapped to threat models and business use cases.
Thank You
Emily Jha
[HIDDEN TEXT]
Netsach - A CyberSecurity Company
www.netsachglobal.com
