Cybersecurity Engineer (Security Managed Services Practitioner)

Zenith Infotech (S) Pte Ltd. was started in 1997, primarily with the vision of offering state-of-the-art IT Professionals and solutions to various organizations and thereby helping them increase their productivity and competitiveness. From deployment of one person to formation of whole IT teams, Zenith Infotech has helped clients with their staff augmentation needs. Zenith offers opportunity to be engaged in long term projects with large IT savvy companies, Consulting organizations, System Integrators, Government, and MNCs.

EA Licence No: 20S0237

The Cybersecurity Engineer is responsible for day-to-day security operations, vulnerability management, identity and access management (IAM), and cryptographic key management.

This role supports enterprise and customer-facing environments by ensuring systems, applications, and security platforms remain secure, compliant, and operationally stable, while providing clear visibility into overall project security health.

The engineer will act as a technical security point-of-contact for customers and internal teams, supporting IAM platforms, key management systems, and security assessments.

________________________________________

Key Responsibilities

1. Vulnerability & Security Assessment

. Perform Network Vulnerability Assessments (NVA) using approved vulnerability scanning tools.

. Coordinate and support VAPT / WAPT activities, including scope validation, scheduling, execution support, and retesting.

. Analyze scan results, validate false positives, and prioritize remediation based on risk.

. Track remediation actions, evidence, and closure status across projects.

. Maintain vulnerability metrics, trends, and security posture dashboards.

________________________________________

2. Identity & Access Management (IAM) -

. Support implementation, configuration, operation, and maintenance of IAM platforms

. Perform Day-2 IAM operations, including:

o Authentication and access policy configuration

o Federation and SSO troubleshooting

o Certificate lifecycle management

o High availability, node health, and recovery support

. Support IAM integration with applications, APIs, and third-party identity providers.

The Cybersecurity Engineer is responsible for day-to-day security operations, vulnerability management, identity and access management (IAM), and cryptographic key management.
This role supports enterprise and customer-facing environments by ensuring systems, applications, and security platforms remain secure, compliant, and operationally stable, while providing clear visibility into overall project security health.
The engineer will act as a technical security point-of-contact for customers and internal teams, supporting IAM platforms, key management systems, and security assessments.
________________________________________
Key Responsibilities
1. Vulnerability & Security Assessment
. Perform Network Vulnerability Assessments (NVA) using approved vulnerability scanning tools.
. Coordinate and support VAPT / WAPT activities, including scope validation, scheduling, execution support, and retesting.
. Analyze scan results, validate false positives, and prioritize remediation based on risk.
. Track remediation actions, evidence, and closure status across projects.
. Maintain vulnerability metrics, trends, and security posture dashboards.
________________________________________
2. Identity & Access Management (IAM) -
. Support implementation, configuration, operation, and maintenance of IAM platforms
. Perform Day-2 IAM operations, including:
o Authentication and access policy configuration
o Federation and SSO troubleshooting
o Certificate lifecycle management
o High availability, node health, and recovery support
. Support IAM integration with applications, APIs, and third-party identity providers.
________________________________________
3. Cryptographic Key Management
. Operate and support Key Management Systems (KMS).
. Perform key lifecycle management, including:
o Key generation, rotation, archival, and destruction
o Access control and separation of duties
o Backup, restore, and failover procedures
. Support integration of Thales KMS with applications, databases, and cloud services.
. Ensure cryptographic operations align with security policies, compliance requirements, and customer expectations.
. Assist in troubleshooting encryption, decryption, and key access issues.
________________________________________
4. Customer & Stakeholder Security Support
. Respond to customer cybersecurity queries, including:
o Security architecture explanations
o IAM and encryption design justifications
o Vulnerability and remediation clarifications
o Compliance and assurance questions (e.g. ISO 27001, SOC 2, MAS TRM, IM8, PCI DSS where applicable)
. Support security questionnaires, audits, and due-diligence assessments with clear and auditable responses.
________________________________________
5. Project Security Health & Reporting
. Monitor and report on project and platform security health, including:
o Vulnerability status and remediation progress
o IAM and KMS operational risks
o Open security issues and accepted risks
. Produce regular security health reports for management and project stakeholders.
. Maintain risk registers and track security action items.
________________________________________
6. Security Operations & Governance
. Support security incident investigations involving IAM or cryptographic components.
. Ensure security controls are implemented in accordance with internal standards and customer contractual requirements.
. Maintain security documentation, SOPs, and operational runbooks.
. Support internal and external audits by providing technical evidence and walkthroughs.
________________________________________
Required Skills & Experience
Technical Skills
. Hands-on experience with vulnerability scanning tools (e.g. Nessus, Qualys, Rapid7, OpenVAS).
. Strong understanding of network, system, and application security.
. Practical experience supporting IAM platforms, preferably IBM ISAM.
. Hands-on experience with key management systems.
. Knowledge of cryptographic concepts:
o Encryption at rest and in transit
o Key lifecycle management
o PKI, certificates, and TLS
. Familiarity with Linux systems and troubleshooting production security platforms.
________________________________________
Security & Compliance Knowledge
. Familiarity with security frameworks and standards (ISO 27001/27002, NIST, CIS).
. Experience supporting customer security reviews and audits.
. Ability to translate technical security controls into risk-based explanations.
________________________________________
Soft Skills
. Strong written and verbal communication skills.
. Comfortable engaging with customers, auditors, and internal engineering teams.
. Structured, detail-oriented approach to BAU security operations.
. Able to manage multiple security workstreams concurrently.
________________________________________
Nice-to-Have
. Experience in regulated environments.
. Exposure to cloud security and cloud KMS integrations.
. Security certifications (CISSP, CISM, CCSP) or vendor IAM/KMS certifications.