Cloud and Application Security Engineer

About Us:
Neural Web is a fast-growing company focused on delivering secure, innovative technology solutions across industries. We’re looking for a dedicated and skilled Security Engineer to join our team and enhance our security framework, ensuring our cloud, applications, and workspace environments are protected from evolving threats.

Job Summary:
The Cloud, Application, and Workspace Security Engineer will be responsible for designing, implementing, and maintaining security protocols for our cloud infrastructure, application layer, and workspace environments. This role focuses on protecting sensitive data, ensuring compliance with industry standards, and developing security best practices to safeguard the company’s digital assets.

Key Responsibilities:

Cloud Security:
Design and implement security controls for cloud-based infrastructure (AWS, GCP).
Ensure cloud architecture is secure by default and continuously monitored for vulnerabilities.
Implement cloud-based security tools for monitoring, detection, and prevention (e.g., IDS/IPS, WAF, SIEM).
Regularly conduct threat modeling, vulnerability assessments, and security audits in cloud environments.

Application Security:
Conduct security assessments on applications to identify vulnerabilities in code, logic, or configuration.
Integrate security best practices within CI/CD pipelines, including automated testing for vulnerabilities.
Collaborate with development teams to ensure secure coding practices (e.g., secure SDLC, OWASP Top 10).
Implement application security tools (e.g., DAST, SAST, RASP) and address identified risks.

Workspace Security:
Secure corporate workspace environments, including remote and on-premise systems.
Implement endpoint protection strategies for laptops, desktops, and mobile devices.
Enforce identity and access management (IAM) policies, including multifactor authentication (MFA) and single sign-on (SSO).
Oversee security monitoring, logging, and response tools to ensure quick detection and remediation of incidents.

Incident Management:
Lead security incident response efforts for breaches or vulnerabilities across cloud, applications, and workspace environments.
Investigate security incidents, conduct root cause analysis, and recommend improvements to prevent recurrence.

Compliance and Governance:
Ensure compliance with industry regulations and standards such as SOC 2, HIPAA, GDPR, ISO 27001, and more.
Develop and maintain security documentation, including policies, procedures, and incident response plans.

Collaboration and Training:
Collaborate with cross-functional teams including IT, DevOps, and software engineering to promote a security-first culture.
Provide training and guidance to teams on secure practices and compliance requirements.

Qualifications:
Bachelor’s degree in Computer Science, Information Technology, or a related field.
3-5 years of experience in cloud security, application security, and/or workspace security.
Strong experience with AWS, Azure, or GCP security tools and protocols.
Familiarity with container and microservices security (e.g., Docker, Kubernetes).
Hands-on experience with security tools such as firewalls, SIEM, IDS/IPS, WAF, and vulnerability scanners.
In-depth knowledge of security standards, frameworks, and compliance requirements (e.g., NIST).
Experience with scripting or coding (Python, Bash, etc.) for automation and remediation tasks.
Certifications such as CISSP, CEH, AWS Certified Security Specialty, or equivalent are preferred.

Skills:
Strong analytical and problem-solving skills.
Ability to work in a fast-paced, evolving environment.
Excellent communication and teamwork abilities.