CyberPWN Technologies Pvt Ltd

• 4 - 5 years of system engineering experience on any programming language such as Java / .net / Python / angular
• Must have delivered 5 to 6 real time integration engagements for Archer
• Must have experience in developing Custom Objects on Archer to call deployed APIs or Archer’s internal APIs
• Must have strong expertise in developing multi-threaded, scalable applications to support heavy data transactions
• Must have strong expertise in designing applications with architectural patterns such as MVC
• Great to have exposure to DevOps or DevSecOps
• Great to have exposure to source code review or secure coding practices

1. Perform security assessment of web applications, Android, iOS mobile applications, Source Code Review

2. In-depth knowledge of security vulnerabilities not just limited to OWASP Top 10

3. False Positive removal and manual application testing      

4. Working exp of Python, Java, .Net etc         
5. Experience of using MF Fortify is a must

6. Proactively identify vulnerabilities and recommend fixes

7. Ownership of the tasks, Adapt to technologies/languages/platforms/frameworks of the time                                                                                     

8. Experience in using security tools to carry out manual as well as automated security assessments

9. Experience working with common product flows like payment gateway integration, authentication etc.                                                          

10. Client handling exp

11. Should be able to address client queries, work on proposals etc                                                        

12. Independent, self-motivated and comfortable working in a fast-paced environment with teams ranging from product to engineering teams

1.Triage of security alerts that includes but not limited to malware, denial of service, unauthorized access, etc.

2. Conduct incident investigations on SIEM tools.

3. Perform threat hunting on networks to detect and isolate threats.

4. Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems)

5. Continuous optimization, tuning and monitoring of SIEM solution

6. Hands on experience around administrating and threat hunting on EDR, XDR, DLP and SIEM tools.

7. Ability to analyze endpoint, network, and application logs

8. Identify false positives, analyse reported spam, phishing, and suspicious emails and understanding of email security concepts: SPF, DMARC, DKIM

9. Immediate Joiners

1) Determine client needs and expectations and participate in the development of the overall client service plan. Analyse, develop, and implement information security programs, including organizational design and key processes for our clients as per plans

2)Design and develop cyber security strategies and programs for large and complex organizations

3)Define and implement cyber risk management structures, governance models, organizational transformations in the areas of cyber security

4)Develop security policies, processes, procedures. Map controls and compliance requirements. Responsible for risk assessments, gap analysis (against standards and benchmarks), risk mitigation strategy development.

4)Roll out the GRC Cybersecurity controls framework while balancing the approach with end user experience and compliance

5)Develop and tailor approaches, methods and tools to support clients cyber risk programs and initiatives

6)Provide strategic and operational advice in the areas of safeguarding critical information. Identify areas requiring improvement in the client's business processes to enable preparation of recommendations. 7)Evaluate, implement and operationalize security controls, define metrics for measure performance and establish a framework for continuous monitoring and improvement and Play substantive role in internal and external client relationship and communication

8)Interact with CxOs to define the roadmap for GRC strategy.

9Help build Cyber Transformation practice by getting involved in areas beyond engagement delivery such as pre-sales, RFP response, solution designing, competency development and Go to market strategies

10)Create or help create though leadership content in the emerging areas of Cyber Strategy and Risk Transformation .

Immediate Joiners