Cyber Security Engineer

We are seeking a hands-on Cyber Security Engineer in cybersecurity and infrastructure security across both on-premise and cloud environments (Azure and/or AWS). The ideal candidate will play a key role in strengthening RTS’s security posture as we operate and modernize hybrid infrastructure supporting mission-critical airline applications.

This role requires strong operational security expertise, experience supporting compliance frameworks (ISO 27001, SOC 2), and the ability to collaborate closely with IT, DevOps, and development teams.

Security Operations & Incident Response:

• Monitor and investigate alerts from SIEM, endpoint protection, firewall, and cloud security tools.
• Lead incident response, root cause analysis, and remediation.
• Maintain and enhance incident response playbooks.

Infrastructure & Cloud Security:

Secure on-premise environments including Windows Server, IIS, SQL Server, virtualization (Hyper-V/VMware).

• Implement and manage security controls in Azure and/or AWS environments.
• Manage firewall policies, network segmentation, VPNs, and cloud security groups.
• Ensure systems are hardened in line with CIS/NIST benchmarks.

Vulnerability & Risk Management:

• Conduct vulnerability assessments across on-prem and cloud workloads.
• Coordinate remediation with IT and DevOps teams.
• Support external VAPT and penetration testing engagements.

Application & Dev Security Collaboration:

• Support secure SDLC practices.
• Review application architecture and API security controls.
• Assist in implementing secrets management and identity controls in cloud environments.

Compliance & Governance:

• Support ISO 27001, SOC 2 Type II, GDPR, and related audits.
• Maintain security documentation and evidence repositories.
• Assist in risk assessments and security awareness programs.

Identity & Access Management:

• Enforce least-privilege access controls.
• Support role-based access control (RBAC) reviews.
• Conduct periodic access reviews and privilege audits.
• Implement and monitor least-privilege and privileged access management (PAM) controls.
• Support SSO, MFA, and secure identity federation across applications.

AI Security & Responsible AI Governance:

• Support secure deployment and monitoring of AI/ML components, including Large Language Models (LLMs) used within the platform.
• Ensure AI solutions are implemented in alignment with security, privacy, and data governance standards.
• Define and enforce controls around AI data usage, model access, prompt security, and API integrations.
• Collaborate with product and engineering teams to implement safeguards against data leakage, prompt injection, and model misuse.
• Participate in developing internal AI governance policies covering ethical use, bias mitigation, auditability, and regulatory compliance.
• Evaluate third-party AI services to ensure contractual, privacy, and security controls are adequate.

CANDIDATE REQUIREMENTS

Education

• Bachelor’s degree in Computer Science, Information Security, or related field.

Certifications

• Knowledge of Azure Security Engineer Associate / AWS Security Specialty
• Knowledge of CEH
• Knowledge of CISM
• Knowledge of CISSP
• Knowledge of CompTIA Security+
• Knowledge of ISO 27001 Lead Implementer/Auditor

Work Experience

• 6–10 years of experience in cybersecurity or IT security engineering.
• Experience in Airlines or travel domain is a plus.

Skills

• Strong written and verbal communication skills, with the ability to clearly articulate security risks, controls, and recommendations to both technical and non-technical stakeholders.
• Demonstrated experience securing both on-premise infrastructure and cloud environments (Azure and/or AWS).
• Understanding of AI/ML security risks, including data leakage, model vulnerabilities, prompt injection, and access control risks.
• Familiarity with emerging AI governance frameworks and responsible AI principles.

Hands-on experience with:

• Windows Server & Active Directory security.
• Network firewalls and IDS/IPS.
• SIEM and monitoring tools.
• Vulnerability scanning tools.
• Endpoint protection solutions.
• Cloud-native security controls (Azure Security Center, AWS Security Hub, IAM, etc.).

Strong understanding of:

• Network protocols and security architecture.
• Encryption, certificate management, and key lifecycle.
• Security frameworks (ISO 27001, NIST, CIS Benchmarks).