Senior Applications/Web Security Engineer:
Our client is leading Technology Company, who is looking for a seasoned Information Security Engineer.
You will work closely with leadership, business partners, and engineering teams to define, develop, and release security recommendations and technical solutions that drive security value, automation, and operational improvements across the business.
Information Security Engineer – Remote – Dubai, UAE
If you enjoy identifying security issues in system services and applications, and are skilled at analyzing novel threat scenarios, this position will provide you with a unique opportunity to secure the next generation of payments technology.
- Evaluating complex business and technical requirements, communicating inherent security risks and solutions to technical and non-technical business owners
- Working with engineering, product management, and compliance teams across Amazon to design, develop, deploy, and maintain scalable security solutions in a heterogeneous environment with both “bought” and “built” technologies
- Drive awareness of security guidelines, secure-by-default configurations, and technological implementations
- Identify and drive continuous process improvements across security programs and services
- Conducting security reviews to verify compliance and trigger remediation action when necessary
- Creating and maintaining programmatic access control policies for existing and new services, and features within data path using internal tools
- Driving InfoSec policy definition, updates, and policy violation measures.
- Perform end-to-end application security reviews to ensure critical information is appropriately protected
- Identify security vulnerabilities and risks, and develop mitigation plans
- Provide security architecture and design consultations to product teams, to help them build applications that are secure from the start
- Architect, design, implement, support, and evaluate security tools and services.
Information Security Engineer
* Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering or related field, or 7+ years relevant work experience.
* 7+ years of security engineering experience.
* 4+ years of experience and involvement with development team(s) that delivered commercial software or services.
* Experience in security engineering, system and network security, security protocols, cryptography, and application security.
* Experience with the application of threat modeling or other risk identification techniques.
*Proficiency in at least one modern programming language, such as C++, Java, or Python.
*Proficient oral and written communication skills with the ability to tailor communications to various levels of management including precise and effective customer communications.
*Experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. SOC1, SOC 2, HIPAA, PCI, or ISO 27001, FedRAMP, IRAP).
*Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
*CISSP, CISA, CISM and/or other comparable security controls or audit certifications.
Information Security Engineer. Desired Requirements:
* Master’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent.
* Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits.
* Knowledge of hardware security mechanisms.
* Excellent written and verbal communication skills.
* Excellent leadership skills and teamwork skills.
* Results oriented, high energy, self-motivated.
*Have experience in generating automated metrics to measure IT security effectiveness and consistency.
*Experience with monitoring security controls supporting a comprehensive compliance program and a clear understanding of cloud computing services/deployment architecture.
*Have a working knowledge of NIST 800-53, ISO 27002, PCI DSS, HIPAA and SOC standards. Have an understanding of evaluating the design and effectiveness of IT controls.
Information Security Engineer
- Information Technology & Services
- Consumer Services
- Financial Services
- Information Technology
To apply for this job please visit www.linkedin.com.