Job description
We are seeking a Senior Cybersecurity Engineer to join NexaSec Technologies, a fast growing security software company. You will design and implement resilient security controls across cloud and on premise environments, lead incident response, and partner with product and engineering teams to embed security into the development lifecycle.
In this role, you will impact the organization by improving threat detection, reducing risk exposure, and shaping our security strategy. This is an excellent opportunity for a hands on engineer who thrives on problem solving, continuous learning, and delivering measurable security outcomes.
Responsibility
- Design, implement, and maintain security controls across cloud and on prem environments, with a focus on AWS and Azure.
- Lead security incidents from detection to remediation, performing root cause analysis and post incident reviews.
- Manage identity and access management, MFA, and privileged access controls to ensure robust authentication and authorization.
- Architect and operate security monitoring using SIEM, EDR, and threat intelligence to detect and respond to threats quickly.
- Conduct threat modeling, vulnerability management, and risk assessments to guide security prioritization.
- Collaborate with software engineers to embed security into the SDLC through secure design reviews and automated testing.
- Develop security runbooks, configurations, and automation to improve efficiency and repeatability.
- Maintain compliance with standards such as ISO 27001 and NIST, keeping policies up to date and auditable.
Qualification
- Bachelor's degree in computer science, information security, or a related field, or equivalent professional experience.
- Professional security certifications such as CISSP, CISM, or equivalent.
- 5+ years of hands on cybersecurity experience in security engineering, incident response, or a similar role.
- Strong knowledge of cloud security (AWS and Azure) and security controls across IaC and containerized environments.
- Experience with SIEM/SOAR platforms, EDR, firewalls, and network security concepts.
- Proficiency in scripting or programming (Python, PowerShell, or similar) for automation.
- Excellent problem solving, communication, and collaboration skills with cross functional teams.
- Familiarity with risk management frameworks and regulatory requirements.