The Cybersecurity Engineer (Product) is responsible for ensuring that our products and the underlying systems and infrastructure are protected from security threats.
Tasks:
Perform security assessments, penetration testing, and code analysis to identify vulnerabilities and ensure the overall security of our products.
Collaborate with the development, QA, and DevOps teams to gain a comprehensive understanding of the software development process, access controls, and testing procedures.
Ensure that our products are secure, minimizing the risk of breaches and unauthorized access.
Work closely with our Senior Cybersecurity expert, to enhance overall product security and implement effective defense measures.
Stay up-to-date with industry trends and emerging security threats, proactively identifying potential risks and proposing suitable countermeasures.
Draft cybersecurity white papers in collaboration with the technical writing team, showcasing the security features and benefits of our products.
Liaise with the product marketing team to create compelling materials highlighting the cybersecurity advantages of our products.
Assist customers in implementing and securing their log management infrastructure using our products.
Lead security incident response efforts, ensuring timely and effective resolution of any security issues.
Deliver security awareness training to employees, promoting a culture of cybersecurity within the organization.
Propose security improvements and corrective actions for tools, systems, and development processes.
Collaborate with product management and developers to integrate security practices into the product development lifecycle.
Establish and maintain a secure software development process and resilient CI/CD pipeline in coordination with the DevOps and development teams.
Collaborate with third-party security assessment companies to execute vulnerability scanning, source code analysis, and penetration testing as required for product certifications.
Support the achievement of information security standards compliance, such as ISO/IEC 27000, and assist in preparing for external audits.
Requirements:
Proficiency in scripting languages such as Python, shell, and Perl.
Strong knowledge of cloud platforms (AWS, Azure, GCP) and experience working with SaaS solutions.
Demonstrated experience in penetration testing, vulnerability assessment, and code analysis.
Familiarity with SIEM tools and log management systems.
Understanding of cryptography, SSL/TLS, PKI, and network protocols.
Bachelor's degree in information technology or a related field.
Minimum of 5 years of experience in cybersecurity roles, with a focus on product security within a company.
Solid understanding of software development processes, access controls, and QA procedures.
Nice to have: relevant certifications such as CISA, CISSP, CEH.
Customer-oriented with excellent communication and collaboration skills.
Self-governing and able to work autonomously in a remote work environment.
Strong time management skills, adaptability, and flexibility in a dynamic work setting.
Fluent in English (oral and written proficiency).