Senior Cybersecurity Expert

About Us

Role Summary

• We are seeking a hands-on Senior Cybersecurity Engineer with deep expertise in offensive security, secrets management, and secure platform engineering.
• This Role Focuses On Advanced Technical Execution, Including
• Red/Blue team operations
• Enterprise-grade Key & Secrets Management (PAM / HSM / Key Vault)
• DevSecOps security integration
• Infrastructure & application-level resilience (DR / security validation)
• The ideal candidate is a technical expert, capable of designing and implementing security controls, validating them through adversarial testing, and integrating them into modern cloud-native environments.

• Offensive Security & Adversarial Simulation

• Conduct Red Team operations, including:
• Initial access, lateral movement, privilege escalation
• Active Directory attack paths and identity compromise
• Support and enhance Blue Team detection capabilities
• Perform attack simulation & purple teaming to validate detection and response
• Develop custom attack scripts/tools for advanced scenarios

• Secrets & Key Management (Core Focus)

• Design and implement enterprise-grade secrets management architecture, including:

• PAM (Privileged Access Management)

• Cloud Key Management (Azure Key Vault / AWS KMS)
• HSM-backed key protection
• Define and enforce:
• Key lifecycle management (generation, rotation, revocation)
• Secure storage and usage of credentials, API keys, certificates
• Integrate secrets management into applications and CI/CD pipelines
• Identify and eliminate hardcoded secrets / credential leakage risks

• DevSecOps & Secure Engineering

• Integrate security into CI/CD pipelines:
• SAST, DAST, SCA, IaC scanning
• Implement policy-as-code and automated security gates
• Secure container and artifact pipelines (e.g., Docker, Kubernetes, registries)
• Work closely with engineering teams to embed security controls by design

• Infrastructure Security & DR Validation

• Design and execute Disaster Recovery (DR) and Resilience Testing, including:
• Infrastructure-level DR (cloud / network / identity)
• Application-level failover and recovery validation
• Validate security controls under failure scenarios
• Identify weaknesses in backup, recovery, and high availability design

• Security Assessment & Architecture Review

• Perform deep technical assessments:
• Cloud security (Azure / AWS)
• Network and system architecture
• Identity and access management
• Data protection mechanisms
• Provide actionable remediation guidance based on real attack paths

• Security Research & Continuous Improvement

• Track emerging threats, vulnerabilities, and exploitation techniques
• Conduct internal research on:
• Attack techniques
• Detection evasion
• Cloud-native attack vectors
• Produce technical documentation, advisories, and internal knowledge sharing

Technical Requirements

• Offensive Security
• Strong experience in:
• Web vulnerabilities (SQLi, XSS, SSRF, RCE, IDOR)
• System/network penetration (Windows/Linux)
• Active Directory attacks (Kerberos abuse, delegation, etc.)
• Familiar with tools:

• Burp Suite, Metasploit, Nmap, Nessus

• Cobalt Strike (or equivalent) – preferred

• Secrets & Cryptography (Critical)

• Hands-on experience with:
• PAM solutions

• Azure Key Vault / AWS KMS

• HSM-based key protection
• Understanding of:
• Cryptographic key lifecycle
• Certificate management (TLS/mTLS)
• Secure key usage patterns in applications
• DevSecOps
• Experience integrating:
• SAST / DAST / SCA tools
• CI/CD pipelines (Azure DevOps, GitHub Actions, Jenkins)
• Familiar with:
• Container security (Docker / Kubernetes)
• IaC security (Terraform, ARM, etc.)

• Programming / Scripting

• Proficiency in at least one:
• Python / Go / JavaScript / Bash
• Ability to develop security tools or automation scripts

Qualification Requirements

• Bachelor’s degree or above in Computer Science, Information Security, or related field
• 5+ years of hands-on cybersecurity engineering experience
• Strong experience in penetration testing, red teaming, or security engineering
• Familiar with security frameworks:

• Owasp, Nist, Iso 27001

• Experience in regulated environments (PCI-DSS, NESA) is a plus

Preferred Certifications

• OSCP (highly preferred)
• CEH
• Security+
• CISA (optional, not core)

Key Characteristics (Important)

• Strong hands-on technical depth, not just advisory
• Ability to break and build systems
• Security engineering mindset (not compliance-driven)
• Able to work independently on complex technical problems