Senior Engineer - Security

About KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses. As part of the Space & Cyber Technologies cluster at EDGE, one of the world’s leading advanced technology groups, KATIM delivers trust in a world where cyber risks are a constant threat, and fulfils the increasing demand for advanced cyber capabilities by delivering robust, secure, end-to-end solutions centered on four core business units: Networks, Ultra Secure Mobile Devices, Applications, and Satellite Communications. Our talented team of cross functional experts continually takes-on new challenges. We work with the energy of a start-up yet the discipline of a large business to make solutions and products work for our customers at scale.

As a Senior Security Engineer, you will play a pivotal role in safeguarding KATIM's infrastructure and products. This position requires the design, implementation, and management of sophisticated security measures to defend against evolving threats. The ideal candidate will have a comprehensive understanding of security principles and standards, hands-on expertise with security technologies, and a proven ability to lead projects and deliver results within deadlines. Collaboration with cross-functional teams is essential to ensure that security is seamlessly integrated into every aspect of our technological framework.

Key Responsibilities
•    Contribute to develop and implement robust security architectures for KATIM’s systems and applications, ensuring alignment with industry best practices and regulatory requirements.
•    Create and maintain comprehensive documentation for security architectures and solutions.
•    Oversee and, when necessary, contribute to the configuration and operation of a comprehensive suite of security tools and technologies, including firewalls, IDS/IPS, WAF, proxies, email security, DLP, IRM/DRM, ATP, network infrastructure, and endpoint protection solutions.
•    Ensure the confidentiality, integrity, and availability of on-premise and cloud environments, servers, databases, laptops, firewalls, and other devices for secure data storage and transfer.
•    Establish new network security standards, including policies, security review processes, and guidelines for routers, firewalls, switches, and wireless access points etc.,
•    Collaborate with development and infrastructure teams to integrate security best practices into system designs.
•    Evaluate various solutions from a security perspective and provide assessment reports.
•    Work with relevant teams to prioritize and address vulnerabilities promptly.
•    Oversee the identification, assessment, and remediation of security vulnerabilities across all systems and networks.
•    Review and audit security implementations to ensure compliance and effectiveness.
•    Ensure compliance with industry standards, regulations, and frameworks (e.g., ISO 27001, NIST, CIS, GDPR).
•    Clearly communicate security risks, incidents, and updates to management and relevant stakeholders.
•    Conduct security training and awareness programs for employees to foster a culture of security within the organization.
•    Stay informed about the latest security trends, technologies, and threat intelligence to continuously enhance the organization’s security posture.
•    Propose and implement improvements to existing security processes and technologies.
 

Education and Minimum Qualification

•    Bachelor's or Master's degree in Computer Science or a related field.
•    8-10 years of experience with hands-on expertise in developing, operating, and maintaining security technologies.
•    Strong understanding of web application security and mobile application security
•    Familiarity with threat modelling techniques such as STRIDE, DREAD or PASTA
•    Strong understanding of web application security and mobile application security (OWASP Top 10)
•    Knowledge of cryptographic tools and techniques
•    Experience with cloud security, container security and API security
•    Experience in implementing DevSecOps requirements as per ISO, NIST, CSA and CIS best practices
•    Understanding of CI/CD processes and how security can be integrated into them
•    Familiarity with DevOps and related tools such as Jenkins, GitLab, Docker, Kubernetes and Ansible
•    Experience with security tools such as DAST, SAST, SCA, and open source tools such as Burp Suite, Metasploit, OWASP ZAP
•    Familiarity with administrative tasks within popular operating systems like RHEL and Ubuntu

 

Key Skills

•    Excellent written and verbal communication skills
•    Strong problem-solving skills and attention to detail
•    Certifications such as CISSP, CISM, OSCP or CEH are a plus

#KATIM