Staff Platform Consultant - Security/Policy Engineer (Onsite, Islamabad, PKR Salary)

Pakistan·Islamabadlead

OtherPlatform Consultant

0 views0 saves0 applied

Apply Now

Quick Summary

Key Responsibilities

Implement, manage, and update information security policies and procedures in line with ISO 27001. Monitor network and endpoint security, investigate security issues, and respond to breaches.

Requirements Summary

3–6 years of experience in Application Security, Platform Security, or Security Engineering roles. Hands-on experience with OPA and Rego, including policy authoring, bundle distribution,

Technical Tools

OtherPlatform Consultant

Requirements

~1 min read

3–6 years of experience in Application Security, Platform Security, or Security Engineering roles.
Hands-on experience with OPA and Rego, including policy authoring, bundle distribution, and admission controller integration.
Strong understanding of Kubernetes security, including RBAC, Network Policies, Pod Security, and admission controllers.
Experience working with Vault, including policies, transit secrets engine, PKI, and dynamic secrets.
Hands-on experience with container and dependency scanning tools such as Trivy, Grype, Snyk, or Dependency-Track.
Knowledge of supply chain security, including image signing using Cosign or Sigstore and SBOM generation.
Proficiency in Python and/or Go for building security tooling and automation.
Strong documentation and communication skills, including experience in writing threat models, policy design documents, and incident reports.
Experience with tamper-evident audit systems, WORM storage, or hash-chained architectures.
Familiarity with ABAC or ReBAC frameworks such as OPA, OpenFGA, or Cedar.
Experience with compliance frameworks such as ISO 27001, SOC 2, or regional sovereign frameworks across Pakistan, UAE, and Saudi Arabia.
Background in offensive security, including penetration testing, red teaming, or CTFs.
Relevant certifications such as CISSP, OSCP, or CKS will be considered a plus.

Responsibilities

~1 min read

→Implement, manage, and update information security policies and procedures in line with ISO 27001.
→Monitor network and endpoint security, investigate security issues, and respond to breaches.
→Perform vulnerability assessments, identify security gaps in networks and websites, and conduct penetration testing.
→Conduct internal audits and reporting related to ISO 27001 and technical compliance.
→Manage Windows Server Security, PowerShell, and Linux system administration.
→Ensure 100% deployment of endpoint security, email security, phishing protection, and malware protection solutions.
→Continuously audit systems to ensure the implementation of approved security controls.
→Coordinate with IT teams and other stakeholders on security-related initiatives and operations.
→Analyze IT requirements and provide objective security recommendations.
→Lead assigned tasks to completion while ensuring the timely execution of security operations.
→Stay updated on the latest security threats, trends, and technologies.
→Demonstrate adaptability and a creative approach to problem-solving.
→Perform additional duties and responsibilities as assigned by management.