Cybersecurity Technical Assessment Engineer. Bratislava, Slovakia

Join our dynamic team at Airexplore, a proud member of the Avia Solutions Group!
Embrace the opportunity to work with a leading global aviation holding, while being based in Slovakia.

The role of a Cybersecurity Technical Assessment Engineer is crucial in ensuring the integrity, confidentiality, and availability of an organization's digital assets and sensitive information.

We are expecting from Technical Assessment Engineer to conduct independent technical assessments the effectiveness of controls and the overall compliance with the organization’s frameworks policies. To evaluate, test, and verify cybersecurity-related controls of network, hardware, software systems and application services, to ensure compliance with security requirements.

Description of responsibilities:

• Define methodologies and practices for system assessments.
• Define the clear scope, objectives, and criteria for assessments.
• Create an assessment plan with frameworks, standards, methodologies, and procedures.
• Prepare or develop technical toolsets for assessments.
• Establish target environments and manage activities to identify visibility issues, vulnerabilities, and weaknesses.
• Evaluate security objectives, requirements, and risks of target systems.
• Execute assessments, gather evidence, and document findings.
• Ensure compliance with cybersecurity laws, regulations, and standards.
• Collaborate with compliance auditors, risk managers, IT teams, and cybersecurity engineers to align and improve solutions.
• Maintain the integrity and security of assessment records.
• Deliver clear reports on conformity, assurance, audit, certification, and maintenance.

Work experience:

• At least 5 years of experience in IT security, cybersecurity, or information security roles.
• Proven expertise in developing and executing cybersecurity assessment plans, managing assessment activities, and ensuring technical compliance with regulations and standards.
• Skilled in collecting, evaluating, and maintaining assessment information while ensuring its integrity.
• Experience in evaluating security objectives, decomposing systems, and identifying weaknesses or ineffective controls.

Technical skills:

• Solid understanding of network infrastructure and assessment tools, including protocols such as TCP/IP, SFTP, HTTPS, SSH, SMB, LDAP, and an understanding of OSI layers (L2, L3, L4).
• Solid understanding of VPN systems and their various types, including site-to-site VPNs, remote access VPNs, SSL VPNs, and IPSec VPNs, with hands-on experience in implementations such as Palo Alto GlobalProtect and Windows-based VPN solutions.
• Hands-on experience with IT infrastructure, including virtualization technologies, operating systems (Windows and Linux servers/workstations), and container platforms (e.g., Docker, Kubernetes).
• Knowledge and practical experience with software servers, such as SQL databases, web servers (e.g., Apache, NGINX, IIS), and other enterprise applications.
• Expertise in Active Directory (AD) and Microsoft 365 security, with experience in designing and implementing defensive security controls.
• Proficiency with cybersecurity assessment tools, techniques, and scripting languages (e.g., BASH, PowerShell, Python).
• Capability to assess and review system hardening measures for both software and hardware security.

Risk and Incident Management:

• Experience in security event and incident risk analysis.
• Skills in digital forensics and investigative methodologies.

Standards and Frameworks:

• Strong knowledge of ISO 27000 series, NIST 800-53, CSC20, ENISA Threat Landscape, and CIS benchmarks.

Soft Skills:

• Ability to communicate, explain, and adapt technical, regulatory, and business requirements effectively to stakeholders.
• Analytical mindset to decompose and assess complex systems for vulnerabilities and control gaps.

Education:

• Bachelor’s degree in computer science, engineering, or a related field.
• English (B2 or higher).
• Cybersecurity-related certifications.

What do we offer?

• MultiSport card is your key to over 2700 sports facilities in Slovakia and the Czech Republic.
• One extra day off on your birthday.
• Snack day twice a month.
• Financial benefit to support your health, sport and beauty activities and to sponsor cultural activities and entertainment.
• Referral Bonus up to 1000 EUR.
• Daily food allowance and refreshments in the office.