Cybersecurity Specialist

Job Title: Cybersecurity Specialist

Location : Remote
Employment Type : Full-Time

Job Overview:

We are seeking a highly skilled Cybersecurity Specialist to join our team and secure our web application infrastructure. The ideal candidate will have experience securing environments with a Java-based backend , React frontend , and complex databases. You will play a critical role in safeguarding our systems, ensuring secure development practices, and defending against cyber threats.

As a Cybersecurity Specialist, you will collaborate with cross-functional teams, including development, IT, and compliance, to implement robust security measures throughout the software development lifecycle (SDLC) and infrastructure. You will be responsible for protecting our data, detecting vulnerabilities, and responding to security incidents, ensuring compliance with industry regulations.

---

Key Responsibilities:

Application Security:
- Collaborate with development teams to implement secure coding practices in Java (backend) and React (frontend), ensuring protection against vulnerabilities such as SQL injection, XSS, and CSRF.
- Validate and sanitize user inputs in both frontend and backend systems.
- Secure API connections between the frontend and backend, focusing on authentication , encryption , and rate-limiting .

Database Security:
- Implement and manage encryption strategies for sensitive data, both at rest and in transit, across the system.
- Apply access control policies, enforcing role-based access control (RBAC) and the principle of least privilege.
- Safeguard the database against SQL injection and other query-related threats using parameterized queries and secure database access patterns.

Network and Infrastructure Security:
- Configure and monitor firewalls, ensuring that only authorized traffic can access backend servers and the database.
- Ensure secure communication channels between all components using HTTPS , SSL/TLS , and VPNs as needed.
- Implement DDoS mitigation strategies to protect the website and backend systems.

Authentication and Authorization:
- Manage and maintain secure user authentication protocols, including OAuth , JWT , MFA , and secure session management.
- Design and enforce fine-grained access control for both frontend and backend, ensuring users only access what they are authorized to.

Vulnerability Management and Monitoring:
- Conduct regular vulnerability assessments and penetration testing on both the Java backend and React frontend, addressing issues identified from OWASP Top 10 and other industry standards.
- Oversee patch management to ensure all software, including Java libraries, React dependencies, and databases, are up-to-date.
- Set up and manage security monitoring tools like intrusion detection systems (IDS) and security information and event management (SIEM) systems to track and respond to suspicious activities.

Incident Response and Recovery:
- Develop, maintain, and execute a robust incident response plan to address security breaches quickly and efficiently.
- Perform post-incident investigations to identify vulnerabilities, remediate issues, and enhance security controls.
- Ensure data backup processes are in place and create disaster recovery strategies for business continuity.

Compliance and Auditing:
- Ensure the company’s web applications and infrastructure comply with data protection regulations such as GDPR , CCPA , and other industry standards.
- Conduct regular security audits and report findings, working to implement recommended improvements.

---

Requirements:

Technical Skills:
- Strong knowledge of Java application security, including secure coding practices, encryption, and API security.
- Experience with securing React applications, including preventing vulnerabilities like XSS, CSRF, and enforcing client-side security best practices.
- Proficient in securing databases, implementing encryption, access control, and protection against SQL injection.
- Familiarity with HTTPS , SSL/TLS , OAuth , JWT , and other secure communication and authentication methods.
- Experience with firewall management , DDoS mitigation , and secure network configuration.
- Hands-on experience with vulnerability scanning , penetration testing , and security tools such as IDS/IPS , SIEM , and firewall configurations .

Experience:
- Proven experience in securing web applications and API-driven architectures.
- Knowledge of OWASP Top 10 , NIST , and other security standards and frameworks.
- Experience in incident response, disaster recovery, and security compliance.

Soft Skills:
- Strong problem-solving and analytical skills.
- Ability to work cross-functionally with development, IT, and compliance teams.
- Excellent communication skills to convey security requirements and risks to stakeholders.

---

Qualifications:
- Bachelor’s degree in Cybersecurity , Information Technology , or related field (or equivalent experience).
- Relevant certifications such as Certified Information Systems Security Professional (CISSP) , Certified Ethical Hacker (CEH) , or Certified Cloud Security Professional (CCSP) are a plus.
- Minimum 5 years of experience in cybersecurity, with a focus on web applications and infrastructure.

---

Why Join Us?
- Opportunity to work on cutting-edge projects with a focus on modern technologies like Java , React , and Cloud .
- Collaborative environment with opportunities for professional growth.
- Competitive salary and comprehensive benefits package.

---

How to Apply :
Please submit your resume and a cover letter detailing your cybersecurity experience to careers@abiescreen.com .