Senior Engineer - Security

About KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses. As part of the Space & Cyber Technologies cluster at EDGE, one of the world’s leading advanced technology groups, KATIM delivers trust in a world where cyber risks are a constant threat, and fulfils the increasing demand for advanced cyber capabilities by delivering robust, secure, end-to-end solutions centered on four core business units: Networks, Ultra Secure Mobile Devices, Applications, and Satellite Communications. Our talented team of cross functional experts continually takes-on new challenges. We work with the energy of a start-up yet the discipline of a large business to make solutions and products work for our customers at scale.

As a Senior Security Engineer, you will play a pivotal role in safeguarding KATIM's infrastructure and products. This position requires the design, implementation, and management of sophisticated security measures to defend against evolving threats. The ideal candidate will have a comprehensive understanding of security principles and standards, hands-on expertise with security technologies, and a proven ability to lead projects and deliver results within deadlines. Collaboration with cross-functional teams is essential to ensure that security is seamlessly integrated into every aspect of our technological framework.

Key Responsibilities

• Contribute to develop and implement robust security architectures for KATIM’s systems and applications, ensuring alignment with industry best practices and regulatory requirements.
• Create and maintain comprehensive documentation for security architectures and solutions.
• Oversee and, when necessary, contribute to the configuration and operation of a comprehensive suite of security tools and technologies, including firewalls, IDS/IPS, WAF, proxies, email security, DLP, IRM/DRM, ATP, network infrastructure, and endpoint protection solutions.
• Ensure the confidentiality, integrity, and availability of on-premise and cloud environments, servers, databases, laptops, firewalls, and other devices for secure data storage and transfer.
• Establish new network security standards, including policies, security review processes, and guidelines for routers, firewalls, switches, and wireless access points etc.,
• Collaborate with development and infrastructure teams to integrate security best practices into system designs.
• Evaluate various solutions from a security perspective and provide assessment reports.
• Work with relevant teams to prioritize and address vulnerabilities promptly.
• Oversee the identification, assessment, and remediation of security vulnerabilities across all systems and networks.
• Review and audit security implementations to ensure compliance and effectiveness.
• Ensure compliance with industry standards, regulations, and frameworks (e.g., ISO 27001, NIST, CIS, GDPR).
• Clearly communicate security risks, incidents, and updates to management and relevant stakeholders.
• Conduct security training and awareness programs for employees to foster a culture of security within the organization.
• Stay informed about the latest security trends, technologies, and threat intelligence to continuously enhance the organization’s security posture.
• Propose and implement improvements to existing security processes and technologies.
  
  

Education and Minimum Qualification

• Bachelor's or Master's degree in Computer Science or a related field.
• 8-10 years of experience with hands-on expertise in developing, operating, and maintaining security technologies.
• Strong understanding of web application security and mobile application security
• Familiarity with threat modelling techniques such as STRIDE, DREAD or PASTA
• Strong understanding of web application security and mobile application security (OWASP Top 10)
• Knowledge of cryptographic tools and techniques
• Experience with cloud security, container security and API security
• Experience in implementing DevSecOps requirements as per ISO, NIST, CSA and CIS best practices
• Understanding of CI/CD processes and how security can be integrated into them
• Familiarity with DevOps and related tools such as Jenkins, GitLab, Docker, Kubernetes and Ansible
• Experience with security tools such as DAST, SAST, SCA, and open source tools such as Burp Suite, Metasploit, OWASP ZAP
• Familiarity with administrative tasks within popular operating systems like RHEL and Ubuntu
  
  

Key Skills

• Excellent written and verbal communication skills
• Strong problem-solving skills and attention to detail
• Certifications such as CISSP, CISM, OSCP or CEH are a plus
  
  

#KATIM