Cybersecurity Engineer

The Cybersecurity Engineer is responsible for day-to-day security operations, vulnerability management, identity and access management (IAM), and cryptographic key management.

This role supports enterprise and customer-facing environments by ensuring systems, applications, and security platforms remain secure, compliant, and operationally stable, while providing clear visibility into overall project security health.

The engineer will act as a technical security point-of-contact for customers and internal teams, supporting IAM platforms , key management systems, and security assessments.

Key Responsibilities

1. Vulnerability & Security Assessment

• Perform Network Vulnerability Assessments (NVA) using approved vulnerability scanning tools.

• Coordinate and support VAPT / WAPT activities, including scope validation, scheduling, execution support, and retesting.

• Analyse scan results, validate false positives, and prioritise remediation based on risk.

• Track remediation actions, evidence, and closure status across projects.

• Maintain vulnerability metrics, trends, and security posture dashboards.

2. Identity & Access Management (IAM) –

• Support implementation, configuration, operation, and maintenance of IAM platforms

• Perform Day-2 IAM operations, including:

o Authentication and access policy configuration

o Federation and SSO troubleshooting

o Certificate lifecycle management

o High availability, node health, and recovery support

• Support IAM integration with applications, APIs, and third-party identity providers.

3. Cryptographic Key Management

• Operate and support Key Management Systems (KMS).

• Perform key lifecycle management, including:

o Key generation, rotation, archival, and destruction

o Access control and separation of duties

o Backup, restore, and failover procedures

• Support integration of client KMS with applications, databases, and cloud services.

• Ensure cryptographic operations align with security policies, compliance requirements, and customer expectations.

• Assist in troubleshooting encryption, decryption, and key access issues.

4. Customer & Stakeholder Security Support

• Respond to customer cybersecurity queries, including:

o Security architecture explanations

o IAM and encryption design justifications

o Vulnerability and remediation clarifications

o Compliance and assurance questions (e.g. ISO 27001, SOC 2, MAS TRM, IM8, PCI DSS where applicable)

• Support security questionnaires, audits, and due-diligence assessments with clear and auditable responses.

5. Project Security Health & Reporting

• Monitor and report on project and platform security health, including:

o Vulnerability status and remediation progress

o IAM and KMS operational risks

o Open security issues and accepted risks

• Produce regular security health reports for management and project stakeholders.

• Maintain risk registers and track security action items.

6. Security Operations & Governance

• Support security incident investigations involving IAM or cryptographic components.

• Ensure security controls are implemented in accordance with internal standards and customer contractual requirements.

• Maintain security documentation, SOPs, and operational runbooks.

• Support internal and external audits by providing technical evidence and walkthroughs.

Required Skills & Experience

Technical Skills

• Hands-on experience with vulnerability scanning tools (e.g. Nessus, Qualys, Rapid7, OpenVAS).

• Strong understanding of network, system, and application security.

• Practical experience supporting IAM platforms, preferably IBM ISAM.

• Hands-on experience with key management systems.

• Knowledge of cryptographic concepts:

o Encryption at rest and in transit

o Key lifecycle management

o PKI, certificates, and TLS

• Familiarity with Linux systems and troubleshooting production security platforms.

Security & Compliance Knowledge

• Familiarity with security frameworks and standards (ISO 27001/27002, NIST, CIS).

• Experience supporting customer security reviews and audits.

• Ability to translate technical security controls into risk-based explanations.

Soft Skills

• Strong written and verbal communication skills.

• Comfortable engaging with customers, auditors, and internal engineering teams.

• Structured, detail-oriented approach to BAU security operations.

• Able to manage multiple security workstreams concurrently.

Nice-to-Have

• Experience in regulated or government environments.

• Exposure to cloud security and cloud KMS integrations.

• Security certifications (CISSP, CISM, CCSP) or vendor IAM/KMS certifications.