Business Alliance HRis recruiting aCybersecurity Engineer (Security Specialist)for a High Tech Company offering digital healthcare solutions, located inRamallah, Palestine.

Job Summary:

We are seeking a Cybersecurity Engineer (Security Specialist) to lead and execute all cybersecurity-related activities across the company infrastructure, applications, and cloud environments. The role focuses heavily on penetration testing, vulnerability management, security hardening, and incident response, ensuring compliance with security best practices and regulatory standards.

Essential Duties and Responsibilities:

1. Perform penetration testing (network, web applications, APIs, cloud environments) and document findings clearly.
   

2. Conduct vulnerability assessments, risk analysis, and remediation follow-ups.
   

3. Own and manage security tools (SIEM, EDR, vulnerability scanners, WAF, etc.).
   

4. Review system, cloud, and application architectures for security weaknesses.
   

5. Implement and maintain security policies, procedures, and controls.
   

6. Monitor security alerts, investigate incidents, and lead incident response and remediation.
   

7. Work closely with DevOps and engineering teams to embed security into CI/CD pipelines.
   

8. Perform security hardening for servers, containers, Kubernetes, and cloud resources.
   

9. Ensure compliance with standards such as ISO 27001, SOC 2, HIPAA, or equivalent.
   

10. Prepare security reports, risk assessments, and executive summaries.
    

11. Support internal and external security audits and penetration tests.
    

12. Stay updated on emerging threats, vulnerabilities, and security best practices.
    

Requirements

Special Requirements & Skills:

1. Hands-on experience in cybersecurity and security operations.
   

2. Strong hands-on experience in penetration testing and ethical hacking.
   

3. Solid knowledge of network security, web security, and cloud security.
   

4. Experience with tools such as:
   

• Burp Suite, Metasploit, Nessus/OpenVAS.
  

• SIEM tools (e.g., Wazuh, Splunk, ELK).
  

• EDR/Endpoint Security solutions.
  

1. Strong understanding of Linux security.
   

2. Familiarity with cloud platforms (AWS, OCI, Azure, or GCP).
   

3. Knowledge of containers and Kubernetes security is a strong plus.
   

4. Ability to write clear technical reports and remediation plans.
   

5. Strong troubleshooting and analytical skills.
   

Preferred Requirements:

1. Security certifications (CEH, OSCP, Security+, CISSP, or similar).
   

2. Experience in DevSecOps practices.
   

3. Experience in healthcare, fintech, or regulated environments.
   

4. Familiarity with threat modeling and secure SDLC.
   

Years of experience:

Minimum 3 years of experience in a similar role.

Education:

Bachelor’s degree in Computer Science, Information Technology, Computer Engineering or a related field.

Location:

Languages Required: