Cybersecurity Engineer (JD#11097)

Job Summary

We are looking for a hands-on Cybersecurity Engineer to build guardrails, pipelines, controls, measure coverage, detection maturity, response time, and participate in security incident support, purple-team exercises, audit/forensics evidencing.

The ideal candidate should have a good mix of GRC, Enterprise Security and Application Security experience.

Mandatory Skill-set

• Degree in Computer Science, Information Systems, Engineering, or related discipline;
• Minimum 5 years of hands-on cybersecurity experience in Security Engineering, DevSecOps, Detection Engineering, Offensive Security, and Application Security;
• Strong experience with SSO (SAML/OIDC), MFA, identity policies, and enterprise application integration;
• Proven experience implementing DevSecOps controls (SAST, DAST, SCA, IaC scanning, policy-as-code) within CI/CD pipelines;
• Experience with secrets management, credential protection, and key management solutions;
• Proficient in enterprise security tools, VAPT, and frameworks such as MITRE ATT&CK;
• Hands-on experience securing cloud environments and DevOps/CI/CD ecosystems;
• Experience building security automation, SOAR workflows, runbooks, and API integrations;
• Familiar with MAS TRM, CIS Benchmarks, and security baseline implementation;
• Experience managing MDM security baselines across Linux, Windows, macOS, iOS, and Android platforms;
• Strong communication, presentation, and stakeholder management skills.

Desired Skill-set

• Certifications: OSCP, OSWE, CASE, GWEB, CISSP.

Responsibilities

• Develop and enhance security controls, guardrails, and detection capabilities while tracking coverage, detection effectiveness, response metrics, and supporting incident response, audits, and forensic investigations;
• Implement measures to reduce social engineering risks, including phishing attacks, MFA fatigue, helpdesk impersonation, and business email compromise (BEC);
• Integrate security testing and governance controls into CI/CD pipelines, covering SAST, DAST, SCA, IaC scanning, and policy-as-code frameworks;
• Establish and govern Secure SDLC practices, including threat modeling, security checkpoints, risk exception management, and remediation timelines;
• Design and deploy solutions to identify and prevent credential and secret leakage across development and source code repositories;
• Create and optimize threat detection use cases aligned with relevant MITRE ATT&CK techniques;
• Collaborate with SOC, MDR, engineering, and external security teams to conduct purple-team exercises and validate security controls;
• Develop automated security workflows, orchestration processes, and runbooks to improve detection, response, containment, and recovery efficiency;
• Support security operations and compliance activities through automated evidence collection, control validation, and remediation management;
• Monitor emerging threats and technology trends to continuously update testing standards and security practices;
• Act as a trusted advisor to senior stakeholders, and project teams, fostering a culture of security and knowledge sharing across the organizations.

Should you be interested in this career opportunity, please send in your updated resume to [email protected] at the earliest.
When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE’s website

(https://www.sciente.com/privacy-policy).

Confidentiality is assured, and only shortlisted candidates will be notified for interviews.

EA Licence No. 07C5639