Job Title: Cyber Security Engineer
Experience: 5 years
Location: Hyderabad
Job Summary:
We (RMES) are seeking a seasoned Cyber Security Engineer with a minimum of five (5) years’ hands-on experience in Vulnerability Assessment & Penetration Testing (VAPT) and security testing across web applications, APIs, networks, and databases. The ideal candidate will combine strong technical skills in programming and scripting with deep familiarity with industry-standard security standards, tools and methodologies.
Key Responsibilities
- Vulnerability Assessment & Penetration Testing
- Plan and execute black-box, white-box, and gray-box penetration tests.
- Identify, analyze, and report security vulnerabilities in web applications, REST/SOAP APIs, network infrastructures, and database systems.
- Security Testing
- Perform security code reviews and static/dynamic analysis on application source code.
- Execute automated and manual security test cases, including OWASP Top 10, SANS Top 25, and API-specific risks.
- Tooling & Automation
- Develop and maintain custom scripts and tooling to automate reconnaissance, scanning, exploitation, and reporting.
- Integrate security testing into CI/CD pipelines and DevSecOps workflows.
- Risk Analysis & Reporting
- Assess business impact and prioritize vulnerabilities by severity and exploitability.
- Produce clear, actionable reports and work with development teams to validate fixes.
- Collaboration & Advisory
- Liaise with developers, DevOps, and IT/network teams to remediate security findings.
- Provide guidance on secure coding practices, hardening configurations, and security best practices.
- Providing assistance to other teams (project, commercial, product, customer success) in answering cyber security related questions raised by/in customer/project tenders.
Required Qualifications
- Bachelor’s degree in computer science, Information Security, or related field.
- 3+ years of professional experience in VAPT and security testing.
Technical Skills
- Programming & Scripting:
- Proficient in at least two of: Python, Java, C#, Ruby, Go, or JavaScript/TypeScript.
- Shell scripting (Bash/PowerShell) for automation.
- Security Tools & Frameworks:
- Web/API testing: Burp Suite, OWASP ZAP, Postman, SoapUI.
- Network scanning: Nmap, Nessus, OpenVAS.
- DB security: SQLMap, DbProtect, manual SQL injection testing.
- Static/Dynamic analysis: SonarQube, Trivy, Fortify, Checkmarx, Veracode.
- Protocols & Technologies:
- HTTP/S, REST, SOAP, TCP/IP, DNS, LDAP, OAuth/OIDC, JWT.
- Database platforms: MySQL, PostgreSQL, SQL Server, Oracle.
- Standards & Compliance:
- Familiarity with OWASP Top 10, SANS Top 25, PCI-DSS, ISO 27001/27002, NIST.
Preferred Skills
- Experience with cloud security testing (AWS, Azure, GCP).
- Familiarity with container and orchestration security (Docker, Kubernetes).
- Certification(s): OSCP, CEH, CISSP, CISM, or similar.
- Hands-on in DevSecOps integration and security automation frameworks (e.g., Jenkins,bGitLab CI, Terraform).
Soft Skills
- Strong analytical and problem-solving abilities.
- Excellent written and verbal communication for clear reporting and stakeholder engagement.
- Ability to work independently and as part of a cross-functional team.
About Company:
Rugged Monitoring is a company that specializes in providing advanced fibre optic-based sensing solutions for harsh and challenging environments. We offer a range of products and solutions designed to monitor critical parameters such as temperature, pressure, strain, and vibration in applications where traditional electrical sensors may not be suitable or reliable. We also design and develop the Intelligent Electronic Devices (IEDs) to monitor the different type of electrical machines (e.g., Transformer, Motor, Generator, Circuit Breaker etc.) and provides the software services to collect and analyse the acquired data for condition-based monitoring (CBM) at enterprise level.
Our R&D centre is in Hyderabad, India and head office is at Québec, Canada