Sr. Security Engineer

Salary

: Industry Standards

Experience

: 7 to 10 Years

Joining Date

: ASAP

Job Location

: Dubai

Industry Type

: IT Software

Function

: Software Development

Reporting To

: Manager

Job Type

: Full Time

Job Description

Description
The Sr. Security engineer is responsible for providing expert guidance in
designing, implementing, and reviewing security architectures across a
wide range of technologies and environments. This role involves
developing secure solutions for applications, infrastructure, and network
environments, including Web Application Firewalls, IPS, Database
Activity Monitoring (DAM), Privileged Access Management (PAM),
Network Access Control (NAC), Mobile Device Management (MDM),
Secure Remote Access, and Patch Management. A key focus will be on
applying Zero Trust Architecture principles and integrating supporting
technologies to maintain robust security standards.
Security Architecture and Engineering:

  • Develop security architecture blueprints for new and existing
    systems, ensuring alignment with the organization’s overall security
    strategy.
  • Design and implement secure solutions that cover Web Application
    Firewalls (WAF), Intrusion Prevention Systems (IPS), Database
    Activity Monitoring (DAM), Privileged Access Management (PAM),
    Network Access Control (NAC), Mobile device management
    (MDM). and Secure Remote Access.
  • Integrate DDoS prevention, ransomware protection, and other threat
    mitigation strategies into design frameworks
  • Oversee the deployment of security architectures, ensuring smooth
    implementation and minimizing disruption to operations.
  • Collaborate with other IT and security teams to ensure the correct
    configuration of security technologies like IPS, PAM, and Endpoint
    Security solutions
  • Conduct at least quarterly reviews and updates of existing security
    designs to incorporate the latest threat intelligence and security
    trends.
  • Ensure all designs are compliant with internal and external security
    standards, including ISO 27001, NIST, GDPR, and other relevant
    regulations.
    Implementing zero trust architecture and framework:
  • Develop and communicate a Zero Trust Architecture roadmap,
    covering phased implementation across applications, infrastructure,
    and network layers.
  • Conduct security posture assessments to identify vulnerabilities,
    gaps, and areas for Zero Trust integration.
  • Design and implement robust authentication and authorization
    protocols (e.g., MFA, SSO) to enforce least privilege and verify
    every access attempt.
  • Apply micro-segmentation strategies to control and limit lateral
    movement within the network.

Implementing zero trust architecture and framework:

  • Develop and communicate a Zero Trust Architecture roadmap,
    covering phased implementation across applications, infrastructure,
    and network layers.
  • Conduct security posture assessments to identify vulnerabilities,
    gaps, and areas for Zero Trust integration.
  • Design and implement robust authentication and authorization
    protocols (e.g., MFA, SSO) to enforce least privilege and verify
    every access attempt.
  • Apply micro-segmentation strategies to control and limit lateral
    movement within the network.
  • Implement and manage continuous monitoring and anomaly
    detection to identify, isolate, and respond to suspicious activities in
    real-time.
  • Collaborate with IT and DevOps teams to integrate ZTA in new and
    existing systems without compromising performance.
  • Educate stakeholders and train IT staff on Zero Trust principles and
    specific security controls.
  • Maintain and update the Zero Trust model as security threats evolve
    and new solutions are introduced
  • Reduce mean time to detect (MTTD) and mean time to respond
    (MTTR) to threats by 30% within the Zero Trust environment

Requirements

  • Bachelor of Science in Computer Science, Cybersecurity, or a related
    field
  • Minimum 5 – 7 years of experience application security or a related
    field
  • Relevant certifications (e.g., CISSP, TOGAF, AWS Security / Azure
    Security AZ500) are highly desirable.
Powered By