Job Responsibilities:
Experience: 8 Yrs to 12 Yrs
- Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
- Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
- have done any submission on Bug crowd or Bug Bounty.
- have developed tools or scripts for web pen test on GitHub.
- Certified on OSCP
- Threat Modeling
- Network scan in stealth mode or simple scan using Nmap and Burp suite
Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.
Developing different ways to solve the existing threats and security issues.
Configuring and implementing intrusion detection systems and firewalls.
Security product development, testing, and implementation.
Responsible for security technology research, penetration testing, and vulnerability scanning.
Please follow the below inputs.
The shift will starts from 03:00 PM to 12 AM (fixed for few months),
OSCP certification(Not mandatory, preferable)
Below are the primary key skills:
Total Application Security Experience:
Total Security Architecture Experience:
IOT(optional)
MOBILE
WEB
AWS(Mandatory)
NETWORKING
THREAT MODELS
About US based company
Similar jobs
JOB DESCRIPTION
- Lead of IT team must guide & manage dev-ops, cloud system administrators, desktop support analysts and also assist in procure & manage assets.
- Design and develop a scalable IT infrastructure that benefits the organization.
- Take part in IT strategic planning activities that reflect the future vision of the organization.
- Introduce cost-effective best practices related to the needs of the business needs of the organization.
- Research and recommend solutions that circumvent potential technical issues.
- Provide high levels of customer service as it pertains to enterprise infrastructure.
- Review and document key performance metrics and indicators to ensure high performance of IT service delivery systems.
- Take charge of available client databases, networks, storage, servers, directories, and other technology services.
- Collaborate with the network engineer to design infrastructure improvements and changes and to troubleshoot any issues that arise.
- Plan, design, and manage infrastructure technologies that can support complex and heterogeneous corporate data and voice infrastructure.
- Execute, test and roll out innovative solutions to keep up with the growing competition technologies that can support complex and heterogeneous corporate data and voice infrastructure.
- Create and document proper installation and configuration procedures.
- Assist in handling software distributions and software updates and patches.
- Oversee deployment of systems and network integration in association with partner clients, business partners, suppliers and subsidiaries.
- Create, update, and manage IT policies.
- Manage, & drive assigned vendors. Perform cost benefit analysis and provide recommendations to management
KEY Proficiencies
* Bachelor’s or Master’s degree in computer science, information technology, electronics, telecommunications or any related field.
* Minimum 10 years of experience in the above mentioned fields.
• 10+ years of work experience in IT with 5+ years in software development or application architecture and 3+ years in solutions architecture
• Thorough understanding of cloud native architectures, microservice architecture design patterns, containers, container orchestration, DevOps practices and security
• Professional experience in software engineering and architecture design
• Proven experience developing well architected AWS cloud infrastructure and solutions
• Experience in providing technical leadership and mentoring
• In-depth understanding of current security best practices
• Understand business analysis techniques and processes
• 3+ years of programming experience with JavaScript and/or TypeScript
• Strong understanding of object-oriented programming
Primary Skills |
Experience on network vulnerability scanning penetration testing |
Experience with Nessus NetCat, NMAP Backtrack, Metasploit,Wireshark , HPing, and similar tools set like RetinaCS, Qualys, McAfee (Foundstone) |
Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) |
In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database |
Thorough and practical knowledge of OWASP |
Hands on experience with popular application security tools – Nessus, Burpsuite, Netsparker, Metasploit, KALI Linux |
Working knowledge of manual testing of web applications |
Good knowledge of modifying and compiling exploit code |
Good understanding and knowledge of codes languages |
Has practical experience in auditing various OS , DB , Network and Security technologies |
Microsoft office – Word, Excel, PowerPoint |
About The Company -
OYO Hotels & Homes is the world’s third largest and fastest-growing chain of leased and franchised hotels, homes & spaces managing over 1 million exclusive rooms across 800 cities and 80 countries. OYO was founded on the mission that everyone deserves a quality living and working space and we are very passionate about this mission. Technology and Innovation plays a critical role in this mission and therefore today we employ World Class engineers, product managers and designers across core markets & geographies. If you are looking for a high pace environment, itching to create a large impact through technology impacting 100s of millions of customers across the globe, we love to hear from you.
Key Responsibilities:
- Conducting application(Web & Mobile) and infrastructure penetration testing assessments.
- Deploy, improve and utilize SAST/DAST/SCA and other cybersecurity solutions to detect & prevent security vulnerabilities.
- Work closely with the business, product and Development/engineering teams to provide input and guidance on developing secure products and help teams adopt shift-security-to-left practices.
- Work closely with the DevOps team to secure the cloud environment.
- Developing and maintaining cybersecurity process activities including security requirements engineering, threat modelling, code reviews and cyber risk assessment.
- Improve and automate cybersecurity processes within the CI/CD pipelines.
- Continuously review and identify security improvement opportunities in existing products, processes, services and workflows to ensure the people, products and technology in the organization are protected against current and future cybersecurity threats.
- Deliver awareness sessions on Secure Development to engineering/development teams
- Drive continuous improvement activities to define, measure, visualize and improve key cyber security metrics related to Application Security.
- Preparing and launching social engineering campaigns;
Key Skills:
- Expertise in application(Web & Mobile) and infrastructure penetration testing.
- Strong experience with Azure or AWS cloud environments and its security controls.
- Experience with microservices architectures & distributed Platforms
- Strong experience with using Agile software development and securing CI/CD pipeline.
- Coding Experience in Scripting & programming languages (such as Terraform, Java, Python, Ruby, etc.)
- Knowledge of how modern web & mobile apps are designed, developed and deployed across different platforms;
- Knowledge of common exploitation techniques and mitigations.
- Experience in implementing and managing a vulnerability management program (process and technology).
- Experience and knowledge of implementing a DevSecOps ecosystem and strong understanding of Dynamic and Static Application Security Testing (DAST & SAST).
- Understanding of the main cybersecurity tools (SIEM, IPS, XDR, etc.).
- Strong understanding of OWASP, PTES and other penetration testing methodologies.
- Understanding of global security frameworks and standards like NIST, ISO 27001, GDPR, PCI etc.
- Strong knowledge in preparing and launching social engineering campaigns.
- Ability to program or script in your preferred language
- Good understanding of network and OS principles
- Strong written and spoken English skills and ability to write high-quality reports
- An Information Security qualification e.g CSSLP, CEH, OSCP, or similar certification
Cultural Traits common to all OYO Leaders -
● Dealing with Ambiguity and Adaptability – we are a large, but fast-growing company today with not enough existing process or rules of engagements; and environment changes rapidly due to new businesses, geographies and strategic partnerships etc. You need to be able to create organization out of chaos, operate in an environment with minimal structure and adapt to change quickly while maintaining high velocity
● Ownership – anything between you and your job is also your job
● Bias for Action – speed matters a lot, so does quality. Ideal leader will be pragmatic, action-oriented and know the right balance between competing priorities
● Hunger to change the world – you need to be ambitious and willing to do more. If you believe you have already achieved your best and primarily looking to impart that vast knowledge, we aren’t the right place for you
Job Locations: We have a Pan India presence with Tech centers based out of Gurugram, Bangalore & Hyderabad. However currently we are working from our home.
What will you do?
- Act as senior level escalation point for technical remediation of incidents and service requests.
- Work as L2 resource in AWS Cloud infrastructure and system administration team providing technical support and resolving issues
- Troubleshoot technical issues faced which could be related to external interfaces, networking, application and Ubuntu configuration, IIS Configuration, Linux Servers etc.
- Resolving urgent and immediate requests by support team in a vibrant and demanding environment.
- Test upgrades and patches from development team prior to client rollout
- Document the Interface testing and other details, update and complete all handovers.
- Coordinate directly with on-site IT, vendors, off-site helpdesks over email or phone calls to complete technical assignments.
- Do audit of new implemented properties for initial few weeks and identify the repeated issues reported by property.
Technical Competencies you’ll possess:
- Strong Linux and Windows Administration skills
- In depth knowledge of the windows servers & Linux servers.
- Good understanding of AWS Cloud Infrastructure, Networking, Firewall, Infrastructure, SQL and IIS Configuration, Ubuntu Configurations and MySQL.
- Working knowledge of interfaces and integrations of systems.
- Enhanced troubleshooting skills.
- Possess a good understanding of Internet based technologies including DNS, Security, IP Routing,- SSH, FTP, HTTP/HTTPS, Email Routing, etc.
o Tools:
CrowdStrike Falcon Sensor - Or similar AV engine
Cisco Umbrella Web Filtering – Or similar Web Proxy Filter
Cisco FTD Intrusion Prevention – Or similar IPS/IDS
O365 Email Protection (Spam, Phishing) - Or similar
Phish Insight (Phishing Campaigns) - Or similar phish campaign technology
Nessus Professional – Or similar vulnerability scanning tool
Cisco NGFW – Or similar FW technology
o Technologies:
Cloud (AWS IaaS, O365 SaaS),
On Premis (Windows 90%, Linux 10%)
o Processes:
Computer security incident response
Security reviews and assessments
Vulnerability management Penetration tests
Manage Level 3 security incidents and requests
Ensures compliance with corporate policies and procedures
Research new ways to improve existing technical security controls
Project SME and Lead for security related projects
Conduct Risk assessments and assist in remediation activities
Assist in internal and external audit activities
Required Experience and Skills:
Bachelor's degree in Information Security, Computer Science or Engineering
Minimum of 3 years in security engineering
Knowledge in cloud ecosystems security - Amazon AWS, Microsoft O365
Ability to work well in an international team (US or EU time zone)
English spoken and written on at least B2 level
Understanding of security monitoring and identification concepts
Assessing and understanding the impact, severity and urgency of issues
Cybersecurity Certifications an advantage but not essential: CEH, C|HFI, CISSP, CISA, CISM
Expertise across a variety of security products including those listed in requirements above
• Hands-on experience in tasks automation experience via scripting
• Hands-on experience in implementing auto-scaling, ELBs, Lamdba functions, and other auto-scaling technologies
• Experience in vulnerability management and security.
• Ability to proactively and effectively communicate and influence stakeholders
• Experience in virtual, cross-functional teamwork
• Strong customer and service management focus and mindset
• Solid and technical hands-on experience with administrating public and private cloud systems (compute, storage, networks, security, hardware, software, etc)
• AWS Associate, Professional or Specialist certification
About the Role
Dremio’s SREs ensure that our internal and externally visible services have reliability and uptime appropriate to users' needs and a fast rate of improvement. You will be joining a newly formed team that will spearhead our efforts to launch a cloud service. This is an opportunity to join a very fast growth startup and help build a cloud service from the ground up.
Responsibilities and Ownership
- Ability to debug and optimize code and automate routine tasks.
- Evangelize and advocate for reliability practices across our organization.
- Collaborate with other Engineering teams to support services before they go live through activities such as system design consulting, developing software platforms and frameworks, monitoring/alerting, capacity planning and launch reviews.
- Analyze and optimize our core product by developing and implementing reliability and performance practices.
- Scale systems sustainably through automation and evolve systems by pushing for changes that improve reliability and velocity.
- Be on-call for services that the SRE team owns.
- Practice sustainable incident response and blameless postmortems.
Qualifications
- 6+ years of relevant experience in the following areas: SRE, DevOps, Cloud Operations, Systems Engineering, or Software Engineering.
- Excellent command of cloud services on AWS/GCP/Azure, Kubernetes and CI/CD pipelines.
- Have moderate-advanced experience in Java, C, C++, Python, Go or other object-oriented programming languages.
- You are Interested in designing, analyzing and troubleshooting large-scale distributed systems.
- You have a systematic problem-solving approach, coupled with strong communication skills and a sense of ownership and drive.
- You have a great ability to debug and optimize code and automate routine tasks.
- You have a solid background in software development and architecting resilient and reliable applications.
The Cyber Security Analyst will help to assess, plan, and enact security measures to protect the Hubbell organization from security breaches and attacks on its computer networks and systems. This job involves simulating attacks to identify vulnerabilities, testing new software to help protect the
company & data, and assisting users in adhering to new regulations and processes to ensure safety and compliance. The Cyber Security Analyst will work as part of the Security Operations team to execute, monitor and report-out on the scheduled tasks associated with maintaining the overall cyber hygiene for the company
Respond and investigate security breaches and other cybersecurity incidents.
Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
Work in conjunction with the cybersecurity team to develop automation for scheduled tasks and reporting
Respond to specific threats, evaluating company exposure, and risk.
Assist in the execution of penetration testing.
Research security enhancements and make recommendations to management.
Stay up to date on cybersecurity trends, threats, and remediation
Attend daily security operations meetings
Qualifications
A degree in Computer Science, IT, Systems Engineering or a related qualification
2-3 years of experience with software development in C-Sharp, Python or Java
2 years of experience with scripting tools such as PowerShell, Unix Bash and Bourne
Familiarity with patch management
Familiar with common cyber frameworks and tools such as NIST and MITRE Attack
Awareness of common cybersecurity threats and hacking methodologies
Preferred
Previous experience with Incident response and forensics
Knowledge Network security and segmentation
• Develop and Maintain IAC using Terraform and Ansible
• Draft design documents that translate requirements into code.
• Deal with challenges associated with scale.
• Assume responsibilities from technical design through technical client support.
• Manage expectations with internal stakeholders and context-switch in a fast paced environment.
• Thrive in an environment that uses Elasticsearch extensively.
• Keep abreast of technology and contribute to the engineering strategy.
• Champion best development practices and provide mentorship.
What we’re looking for
• An AWS Certified Engineer with strong skills in
o Terraform
o Ansible
o *nix and shell scripting
• Preferably with experience in:
o Elasticsearch
o Circle CI
o CloudFormation
o Python
o Packer
o Docker
o Prometheus and Grafana
o Challenges of scale
o Production support
• Sharp analytical and problem-solving skills.
• Strong sense of ownership.
• Demonstrable desire to learn and grow.
• Excellent written and oral communication skills.
• Mature collaboration and mentoring abilities.