Cyber Security Engineer

This is a remote position.

Role : Cyber Security Engineer

Team : Infrastructure

Dept: Digital & Technology

Job Description:

As a Cybersecurity Engineer at flydocs you will be responsible for designing, implementing, and managing cybersecurity solutions for our in-house SaaS solutions and supporting our clients in the aviation sector. You will work closely with our team of experts to assess security risks, deliver strategies, and oversee technologies that safeguard critical systems and data. You will be responsible for maintaining security throughout our cloud environment and handle various security tools that are implemented within the organization.

Requirements

Requirements

Key Responsibilities:

Cybersecurity Assessment:

1. Conduct comprehensive cybersecurity assessments for aviation clients, identifying vulnerabilities and assessing the effectiveness of existing security controls.
   
2. Support the risk management strategies tailored to the unique needs and challenges of aviation organizations, prioritizing security initiatives based on risk exposure.
   

Security Architecture and Implementation:

1. Design and deploy security architectures for our cloud-based solutions and their integrations into various aviation systems, including networks, applications, and infrastructure components.
   
2. Implement security controls and technologies, such as firewalls, intrusion detection/prevention systems, encryption, and multi-factor authentication, to protect against cyber threats.
   
3. Perform penetration tests on SaaS-based web applications and APIs.
   

Incident Response and Forensics:

1. Develop incident response plans and procedures for aviation clients, outlining protocols for detecting, containing, and mitigating security incidents.
   
2. Provide forensic analysis and investigation support in response to cybersecurity incidents, documenting findings and recommending remediation actions.
   

Compliance and Regulatory Guidance:

1. Ensure compliance with aviation cybersecurity regulations and standards, such as ISO, GDPR, and NIST Cybersecurity Framework, as well as industry-specific guidelines.
   
2. Assisting the company in preparing for regulatory audits and assessments, providing guidance on best practices and controls implementation.
   

Security Awareness and Training:

1. Promote a culture of security awareness within the organizations, emphasizing the importance of cybersecurity hygiene and risk mitigation.
   
2. Work alongside your lead to design and assign training using the training LMS tool.
   

Qualifications:

1. Bachelor’s degree in Computer Science, Information Security, or a related field.
   
2. Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), AZ 500, AZ 900, or other relevant certifications.
   
3. Intermediate level understanding of cloud environment. Azure cloud expert knowledge will be an advantage.
   
4. Proven experience and experience in cybersecurity roles, with a focus on consulting or advisory services for clients (aviation clients an advantage).
   
5. Strong understanding of Infrastructure systems and protocols, as well as relevant cybersecurity standards and regulations. Past work experience as a system administrator is a huge advantage.
   
6. Proven implementation knowledge of security platforms like CrowdStrike/Sophos especially within the cloud technologies arena (Azure, AWS, GCP).
   
7. Proven understanding of both server and endpoint platforms for OS like Windows, Linux and Mac.
   
8. Microsoft 365 administration knowledge is also an advantage.
   
9. Excellent communication and presentation skills, with the ability to convey technical concepts to non-technical audiences.