Overview
Avrioc Technologies, headquartered in Abu Dhabi, UAE, specializes in developing applications, software, games, and AI models that enhance daily experiences. Its offerings include CBUAE Licensed Fintech solution, AI-driven products, indoor cycling platform, VoIP application and freelance platform. The company is dedicated to innovation and continuous growth, aiming to transform ordinary experiences into extraordinary ones.
Responsibilities:
- The Cyber Security Engineer will report to the Cyber Security Lead. This role requires hands-on expertise in securing cloud environments, applications and performing VAPT as a part of red team. The ideal candidate will work on the ground to implement security controls, perform assessments, and ensure a robust cybersecurity posture across the organization.
- Responsibilities
- Implement and maintain AWS Cloud Security Posture Management (CSPM) solutions to safeguard cloud infrastructure.
- Assess and enhance the security of Kubernetes environments, ensuring alignment with best practices.
- Conduct source code analysis and review to identify and address vulnerabilities.
- Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using industry-standard tools.
- Manage Web Application Firewalls (WAF) to protect against application-layer threats.
- Conduct comprehensive web and mobile application security assessments, identifying and mitigating risks.
- Integrate and maintain DevSecOps tools and practices into CI/CD pipelines to embed security in the development lifecycle.
- Implement and monitor software supply chain security measures, focusing on dependency and third-party library management.
- Perform threat modelling to proactively identify and address security weaknesses in applications and systems.
- Conduct vulnerability assessments and penetration testing (VAPT) to uncover and remediate security gaps.
- Collaborate with blue team teams to optimize SIEM (Security Information and Event Management), PAM (Privileged Access Management), and DAM (Database Activity Monitoring) solutions.
- Respond to and resolve identified threats, incidents, and vulnerabilities efficiently and effectively.
Qualifications:
- Bachelor’s degree in information security, Computer Science, or a related field.
- 5-7 years of hands-on experience in cybersecurity roles with a focus on cloud, application, and infrastructure security.
- Certifications such as AWS Certified Security Specialty, OSCP, CEH, or similar are preferred but not mandatory.
- Proven experience with AWS Cloud Security tools, SAST/DAST tools, and DevSecOps practices.
- Practical knowledge in Kubernetes security and application security assessments.
- Proficiency in cloud security, application security tools, and DevSecOps workflows.
- Strong understanding of web and mobile application security standards (e.g., OWASP Top 10).
- Familiarity with security tools like WAFs, SIEMs, PAMs, and DAMs.
- Strong analytical and problem-solving skills, with the ability to work independently on tasks.
