Cyber Security Expert

Primary Skillset

· Advanced Network & Application Security Architecture

· Deep knowledge of OWASP Top 10 + API Security Top 10

· Advanced Penetration Testing & Red Teaming

· Secure system design (Zero Trust Architecture)

· Cryptography (PKI, TLS, encryption at rest & transit)

· Identity & Access Management (IAM, SSO, OAuth2, OpenID Connect)

· Cloud Security (AWS/Azure/GCP – IAM, VPC, security groups, WAF)

· Threat Modeling methodologies (STRIDE, DREAD)

Secondary Skillset

· DevSecOps integration (security in CI/CD pipelines)

· Advanced SIEM & SOC operations (Splunk, ELK, Sentinel)

· Container & Kubernetes security

· Secrets management (Vault, KMS)

· Compliance frameworks (HIPAA, ISO 27001, SOC2, GDPR)

· Digital forensics & incident investigation

· Security automation (Python, Bash scripting)

Roles & Responsibilities (Expert Level)

1. Security Architecture & Strategy

Define and implement end-to-end security architecture across applications, infrastructure, and data

Establish Zero Trust security models across systems

Review and approve system designs with a security-first approach

Align security strategy with business goals and regulatory requirements

2. Threat Modeling & Risk Management

Conduct deep threat modeling sessions during system design phases

Identify attack surfaces, threat vectors, and risk exposure

Prioritize risks based on business impact, not just severity scores

Define mitigation strategies and ensure execution

3. Advanced Penetration Testing & Red Teaming

Lead full-scale penetration testing and red team exercises

Simulate real-world attacks (API abuse, privilege escalation, lateral movement)

Validate system resilience against advanced persistent threats (APTs)

Go beyond tools → perform manual exploitation and logic-based attacks

4. DevSecOps & Secure Engineering

Integrate security into CI/CD pipelines (SAST, DAST, SCA)

Enforce secure coding standards across teams

Build automated security checks into development workflows

Work closely with developers to fix root causes, not symptoms

5. Monitoring, Detection & Incident Response

Design and oversee security monitoring systems (SIEM/SOC)

Define alerting strategies to reduce false positives

Lead incident response during security breaches

Perform root cause analysis (RCA) and implement preventive controls

6. Cloud & Infrastructure Security

Secure cloud environments (IAM policies, network isolation, encryption)

Implement container and Kubernetes security controls

Manage secrets, keys, and access controls securely

Continuously audit infrastructure for misconfigurations

7. Compliance & Governance

Ensure systems meet HIPAA, GDPR, SOC2, ISO 27001 standards

Lead security audits and certifications

Define policies for data protection, access control, and logging

Maintain audit-ready documentation and evidence

Pay: ₹700,000.00 per year

Work Location: In person