Cybersecurity & Network Specialist (Lahore - Onsite)

About the CompanyZIN Technologies is a technology firm based in Lahore, Pakistan, specializing in integrating subscription management APIs for Mobile Network Operators since 2007. Our expertise includes system development for GGSNs, RADIUS, and CDR interfaces for real-time alarms, analytics, and customer billing systems. We have a strong track record of delivering reliable services in IoT, M2M, APIs, Mobile Apps, and Software Development.About the RoleWe are looking for a proactive Cybersecurity & Network Specialist to manage and secure our IT infrastructure and support the secure development of applications. The ideal candidate will be responsible for maintaining network performance, implementing cybersecurity controls, monitoring threats, reviewing application code, and protecting application artifacts to ensure they meet security standards. This role is critical in safeguarding systems, data, and applications in a fast-paced software development company.Responsibilities1. Cybersecurity Operations:Implement and manage endpoint protection, antivirus, EDR/XDR tools, and threat detection systems.Regularly monitor logs, alerts, and dashboards (SIEM, firewalls, antivirus consoles) for suspicious activity.Conduct internal vulnerability scans and risk assessments; remediate findings.Apply security patches and updates across systems in a timely manner.Maintain secure access controls including Identity and Access Management (IAM), password policies, and MFA.2. Secure Code Review & Application Security:Collaborate with development teams to review application code from a security perspective.Identify and report vulnerabilities such as SQL injection, cross-site scripting (XSS), CSRF, insecure authentication, and misconfigurations.Ensure secure coding practices are followed during application development and deployment.Support the integration of static code analysis and security testing tools into CI/CD pipelines.Ensure the security and integrity of application artifacts (e.g., compiled binaries, Docker images, deployment packages) through scanning, signing, and secure storage.Educate developers on secure coding principles and emerging application security risks.3. Network Administration:Maintain and troubleshoot LAN, Wi-Fi, VPNs, and firewall configurations.Manage core networking devices (routers, switches, access points) and ensure high availability.Ensure secure and reliable connectivity across the office and remote access environments.Monitor network traffic for anomalies, performance issues, and potential breaches.4. Security Policies & Compliance:Support the creation, enforcement, and regular review of security policies, procedures, and standards.Assist in ensuring compliance with internal security requirements and external standards such as HIPAA, ISO 27001, SOC 2, and GDPR.Contribute to incident response planning and participate in simulations or tabletop exercises.Maintain proper documentation of security controls, access logs, audits, and network architecture.5. Infrastructure Hardening & Support:Harden operating systems (Windows/Linux) and network devices against known vulnerabilities.Configure secure backup and disaster recovery mechanisms for business-critical systems.Collaborate with DevOps and engineering teams to secure CI/CD pipelines, secrets management, and cloud integrations.Support secure integration of cloud platforms (AWS/Azure/GCP) with on-prem infrastructure.QualificationsEducation & Certifications:Bachelor’s degree in Computer Science, Information Security, or a related field.Certifications such as CompTIA Security+, CEH, Cisco CCNA Security, or Fortinet NSE are preferred.Familiarity with secure coding standards (OWASP Top 10, SANS CWE) and compliance frameworks (HIPAA, ISO 27001, etc.).Strong knowledge of network security: firewalls, VLANs, VPNs, NAT, IDS/IPS systems.Experience with security appliances (e.g., pfSense, FortiGate, Cisco ASA).Familiarity with secure coding practices in JavaScript, Python, PHP, or Java.Understanding of application artifact security: container scanning, code signing, SBOM (Software Bill of Materials).Experience with SAST/DAST tools (e.g., SonarQube, OWASP ZAP, Snyk).Scripting knowledge (PowerShell, Bash, Python) for automation.Cloud security knowledge across AWS, Azure, or GCP.Soft Skills:Strong attention to detail and a high level of integrity.Excellent communication and documentation skills.Ability to translate technical risk to business impact clearly.Self-motivated with effective task prioritization and time management.Why Join Us?Join a forward-thinking software company where security is built into development from day one.Work with cross-functional teams to shape secure systems, applications, and infrastructure.Gain exposure to DevSecOps, cloud security, and compliance readiness (HIPAA, ISO 27001).Support for continuing education and professional security certifications.