Cybersecurity Engineer

Job Description

. The Cybersecurity Engineer is responsible for day-to-day security operations across enterprise and customer-facing environments, with primary focus on vulnerability management, Identity & Access Management (IAM), and cryptographic key management.

. This role ensures systems, applications, and security platforms remain secure, compliant, and operationally stable, while providing structured visibility into overall project security health.

. The engineer will serve as a technical security point-of-contact for customers and internal teams, supporting IAM platforms (e.g., IBM Security Access Manager), key management systems (e.g., Thales Key Management System), and security assessments.

Key Responsibilities

. 1. Vulnerability & Security Assessment Perform Network Vulnerability Assessments (NVA) using approved scanning tools (e.g., Nessus, Qualys, Rapid7 InsightVM, OpenVAS). Coordinate and support VAPT / WAPT engagements, including scope validation, scheduling, execution support, and retesting. Analyse scan results, validate false positives, and prioritise remediation based on risk severity and exploitability. Track remediation status, collect evidence of closure, and maintain audit-ready documentation. Maintain vulnerability metrics, trend analysis, and security posture dashboards.

. 2. Identity & Access Management (IAM) Support implementation, configuration, operation, and maintenance of IAM platforms (preferably IBM Security Access Manager). Perform Day-2 IAM operations, including: Authentication and access policy configuration Federation and SSO troubleshooting Certificate lifecycle management High availability configuration, node health monitoring, and recovery support Support IAM integration with enterprise applications, APIs, and third-party identity providers. Troubleshoot authentication flows, token validation issues, and integration defects in production environments.

. 3. Cryptographic Key Management Operate and support enterprise Key Management Systems (e.g., Thales Key Management System). Perform key lifecycle management, including: Key generation, rotation, archival, and secure destruction Role-based access control and separation of duties Backup, restore, and failover validation Support KMS integration with applications, databases, and cloud services. Ensure cryptographic operations align with internal policies, compliance requirements, and contractual obligations. Assist in troubleshooting encryption, decryption, certificate, and key access issues.

. 4. Customer & Stakeholder Security Support Respond to customer cybersecurity queries, including: Security architecture explanations IAM and encryption design justification Vulnerability findings and remediation clarifications Compliance and assurance questions (e.g., International Organization for Standardization ISO 27001, American Institute of Certified Public Accountants SOC 2, Monetary Authority of Singapore TRM/IM8, PCI Security Standards Council PCI DSS). Support completion of security questionnaires, audits, and due-diligence assessments with clear, auditable responses.

. 5. Project Security Health & Reporting Monitor and report on project and platform security posture, including: Vulnerability status and remediation progress IAM and KMS operational risks Open security issues and formally accepted risks Produce periodic security health reports for management and project stakeholders. Maintain risk registers and track security-related action items to closure.

. 6. Security Operations & Governance Support investigations of security incidents involving IAM or cryptographic components. Ensure security controls are implemented in accordance with internal standards and contractual requirements. Maintain up-to-date security documentation, SOPs, and operational runbooks. Provide technical walkthroughs and evidence for internal and external audits.

Required Skills & Experience

. Technical Competencies Hands-on experience with vulnerability scanning and remediation management.

. Strong understanding of network, system, and application security principles.

. Practical experience supporting IAM platforms (preferably IBM Security Access Manager or equivalent).

. Experience operating enterprise Key Management Systems (e.g., Thales Key Management System).

. Solid knowledge of cryptographic concepts: Encryption at rest and in transit Key lifecycle management PKI, digital certificates, and TLS Familiarity with Linux environments and troubleshooting production security platforms.

. Security & Compliance Knowledge Familiarity with recognised frameworks and standards (ISO 27001/27002, NIST, CIS).

. Experience supporting customer security reviews and audits.

. Ability to translate technical security controls into structured, risk-based explanations for non-technical stakeholders.

. Nice-to-Have Experience in regulated, financial services, or government environments.

. Exposure to cloud security and cloud-based KMS integrations.

. Relevant security certifications (e.g., CISSP, CISM, CCSP) or vendor IAM/KMS certifications.