We are looking for a hands-on Cybersecurity Engineer to build guardrails, pipelines, controls, measure coverage, detection maturity, response time, and participate in security incident support, purple-team exercises, audit/forensics evidencing
You will play a key role in building a safe and secure digital eco-environment through strong cybersecurity governance and operational excellence.
Mandatory Skill(s)
- Degree in Computer Science, Information Systems, Engineering, or related discipline;
- Minimum 5 years of hands-on cybersecurity experience in Security Engineering, DevSecOps, Detection Engineering, Offensive Security, and Application Security;
- Strong experience with SSO (SAML/OIDC), MFA, identity policies, and enterprise application integration;
- Proven experience implementing DevSecOps controls (SAST, DAST, SCA, IaC scanning, policy-as-code) within CI/CD pipelines;
- Experience with secrets management, credential protection, and key management solutions;
- Proficient in enterprise security tools, VAPT, and frameworks such as MITRE ATT&CK;
- Hands-on experience securing cloud environments and DevOps/CI/CD ecosystems;
- Experience building security automation, SOAR workflows, runbooks, and API integrations;
- Familiar with MAS TRM, CIS Benchmarks, and security baseline implementation;
- Experience managing MDM security baselines across Linux, Windows, macOS, iOS, and Android platforms;
- Strong communication, presentation, and stakeholder management skills.
Desirable Skill(s)
- Certifications: OSCP, OSWE, CASE, GWEB, CISSP.
Responsibilities
- Develop and enhance security controls, guardrails, and detection capabilities while tracking coverage, detection effectiveness, response metrics, and supporting incident response, audits, and forensic investigations;
- Implement measures to reduce social engineering risks, including phishing attacks, MFA fatigue, helpdesk impersonation, and business email compromise (BEC);
- Integrate security testing and governance controls into CI/CD pipelines, covering SAST, DAST, SCA, IaC scanning, and policy-as-code frameworks;
- Establish and govern Secure SDLC practices, including threat modeling, security checkpoints, risk exception management, and remediation timelines;
- Design and deploy solutions to identify and prevent credential and secret leakage across development and source code repositories;
- Create and optimize threat detection use cases aligned with relevant MITRE ATT&CK techniques;
- Collaborate with SOC, MDR, engineering, and external security teams to conduct purple-team exercises and validate security controls;
- Develop automated security workflows, orchestration processes, and runbooks to improve detection, response, containment, and recovery efficiency;
- Support security operations and compliance activities through automated evidence collection, control validation, and remediation management;
- Monitor emerging threats and technology trends to continuously update testing standards and security practices;
- Act as a trusted advisor to senior stakeholders, and project teams, fostering a culture of security and knowledge sharing across the organizations.
If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Cecilia Chong at cecilia@sciente.com quoting the job title.
