Cybersecurity Engineer, Technology Onsite

Job Description

Title: Cybersecurity Engineer, Technology Onsite

Company Name: BRACNet Limited

Vacancy: n/a

Age: Na

Job Location: Anywhere in Bangladesh

Salary: --

Experience:

• 3 to 4 years

Published: 2026-05-11

Application Deadline: 2026-05-19

Education: Requirements Education Bachelor of Science (BSc) in Computer Science & Engineering Bachelor of Science (BSc) in Electrical & Electronic Engineering Bachelor of Science (BSc) in Computer Science Professional Certification/ Training/ Others CEH (Certified Ethical Hacker). CSA (Certified SOC Analyst) OSCP (Offensive Security Certified Professional) CPENT (Certified Penetration Testing Professional) ECIH (EC-Council Certified Incident Handler) Burp Suite Certified Practitioner DevSecOps Professional

Requirements:

• 3 to 4 years

Skills Required:

Additional Requirements:

Responsibilities & Context: Experience 3 to 4 years Additional Requirements Proven expertise in VA/PT using tools such as Nessus, Burp Suite, OWASP ZAP, Nikto, Nmap, Hydra, Metasploit, Kali Linux. Good grasp of OWASP Top 10, MITRE ATT&CK, and threat modeling. Strong hands-on experience with CI/CD tools (GitLab, Jenkins, GitHub Actions). Solid understanding of Docker and Kubernetes security practices. Experience managing PAM platforms and enforcing access control policies. Proficient in Microsoft Sentinel (or equivalent SIEM tools), including KQL query development and custom rule creation. Understanding of log ingestion, correlation rules, and incident triage. Scripting knowledge (PowerShell, Bash, or Python) for security task automation. Strong knowledge of networking protocols (TCP/IP, HTTP/S, DNS, SMTP, VPN, NAT, ACLs). Experience with packet analysis, log interpretation, and cloud security (preferably Google Cloud Platform). Familiarity with WAF solutions (e.g., Cloud Armor) and cloud-native security controls. Responsibilities & Context Plan and execute regular vulnerability assessments on internal and external assets (web applications, networks, cloud, servers, and endpoints). Conduct penetration testing to simulate real-world attacks and evaluate system resilience. Conduct vulnerability assessments of containers, infrastructure as code, and cloud environments. Generate detailed reports outlining vulnerabilities, severity levels, and actionable remediation recommendations. Coordinate with project managers and development teams to prioritize and track remediation efforts. Validate fixes and ensure secure configurations are maintained. Administer, configure, and maintain PAM platforms to ensure secure, role-based access to critical infrastructure. Enforce least privilege policies and monitor privileged sessions for anomalies or policy violations. Review access rights and session logs regularly to maintain compliance and operational security. Configure and manage SIEM for real-time monitoring, log correlation, and incident detection. Monitor runtime environments (containers, Kubernetes) for suspicious behavior. Develop custom analytics rules, workbooks, alerts, and response playbooks to enhance threat visibility and automation. Integrate Sentinel with various log sources, including firewalls, cloud workloads, servers, and third-party security tools. Perform proactive log analysis and threat hunting to detect and mitigate risks. Threat Hunting & Incident Response Identify hidden threats and unusual behavior across systems and networks. Analyze packet captures (PCAPs), logs, and indicators of compromise (IOCs). Assist in incident response activities and forensic investigations. Information Security Management (ISMS) Maintain and update ISMS documentation, including risk registers, asset inventories, audit logs, and policies. Support internal audits and continuous improvement efforts to comply with ISO/IEC 27001:2022 requirements. Proven expertise in VA/PT using tools such as Nessus, Burp Suite, OWASP ZAP, Nikto, Nmap, Hydra, Metasploit, Kali Linux. Good grasp of OWASP Top 10, MITRE ATT&CK, and threat modeling. Strong hands-on experience with CI/CD tools (GitLab, Jenkins, GitHub Actions). Solid understanding of Docker and Kubernetes security practices. Skills & Expertise CI CD Cyber Threat Information Security Dockers and Kubernetes Kali Linux Google Cloud Platform OWASP SIEM vulnerability assessments Compensation & Other Benefits T/A,Mobile bill,Insurance,Gratuity,Provident fund,Weekly 2 holidays,Profit share Salary Review: Yearly Festival Bonus: 2 Workplace Work at office Employment Status Full Time Job Location Dhaka

Job Other Benifits:

Employment Status: Full Time

Job Work Place:

Company Information:

Gender: Both Male and Female can apply

Read Before Apply: Please apply only who are fulfilling all the requirements of this job

Category: