Associate/Sr Ass-Info Security

1. Regularly produce various content types, including email, social media posts, blogs, and white papers.

 2. Actively manage and promote our blog, and pitch articles to relevant third-party platforms.

 3. Edit content produced by other members of the team.

 4. Collaborate with other departments to create innovative content ideas.

 5. Create eye-catchy and innovative headlines and body copy.

 6. Writing a wide variety of topics for multiple platforms

 Content Writer Skills:

 • Excellent verbal and written communication skills.

 • 1-6 years of experience in technical writing.

 • Creative and innovative thinker and planner.

 • Assists team members when needed to accomplish team goals.

 • Good interpersonal and communication skills

 • Familiarity with keyword placement and SEO

 • The ability to consistently meet tight deadlines

Why should you join us:

· Fixed working timings- 5 days working

· Attractive Incentives

· Young & Vibrant work culture

Experience:- Overall 10 to 12 years of experience of which atleast 5 to 7 years’ experience should be in Information Security. Mandatory is 5 to 7 years’ experience in Information security and with one full end to end implementation experience.

Base location: - Bengaluru - Must

Requirements: -

1. Mandatory - ISO 27001:2013 lead implementor certified
2. Mandatory - ISO 27001:2013 lead auditor certified (but if it is a good candidate, we can still consider)
3. Good to have – CISA, CISM, Risk management certification, Privacy certifications.
4. Mandatory - Atleast one end to end implementation experience of ISO 27001 standard. The candidate should have a good implementation knowledge of ISO 27001, ISO 27002 standards and is required to implement the ISO requirements and run the ISMS program for multiple countries.
5. This immediate requirement is for implementing the ISMS program for our Canadian office location. The candidate should be willing to work from Bengaluru in EST time zone during this implementation phase whenever required.
6. Good documentation skills.
7. Develop, implement, maintain, review and continually improve Information Security policies.
8. Good understanding and knowledge of applicable legal and regulatory requirements as relevant to information security.
9. Manage and maintain a risk register / risk database along with risk treatment plans.
10. Good understanding of physical and environmental security.
11. Conduct Internal Audits based ISO 27001 standards and Personal Data Protection policies. A good experience in independently conducting Internal and supplier audit with respect to information security.
12. Provide training to the employees on Privacy & Information Security Management System on regular intervals.
13. The greater part of the job involves interacting with people, interviewing them / auditing, Preparing audit reports, discussing / persuading / influencing.
14. Mandatory: Good verbal and written communication skills. Eye for details.
15. Good presentation skills.
16. Since this is a trusted role, candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience.

Roles and responsibilities:

- Audit the current Information Security system and procedures and do a Gap analysis

- Identify immediate potential Information Security Risks and manage remediation tasks through to closure

- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap

- Design high-quality test plans and direct Data/Information security control test activities

- Continuously improve Octro Data/Information security control framework

- Maintain handbook pages and procedures related to Information security compliance

- Identify opportunities for Information security compliance control automation, execute them and then maintain

- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments

- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs

- Direct and support external audits as and when necessary

Requirements

- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs

- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.

About Octro Inc :

We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.

Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.

About Us 

Rezo.ai is an AI-Powered Contact Centre that enables enterprises to enhance customer experience and boost revenue by automating and analyzing customer agent interactions across multiple channels including voice, email, chat/WhatsApp, and social, at the required scale, whilst training agents with minimal costs 

How do we do it 

Rezo’s AI-Powered contact center leverages ground-breaking technologies in AI, ML, ASR, NLP, RPA, and predictive intelligence to transform customer experience and reduce costs by automating, analyzing social media, whilst coaching them.

Overview

Providing leadership in the information security space, helping ensure ISO and GDPR certification, and establishing, maintaining, and enforcing our security policies. Working closely with our business and technology teams to ensure awareness and adherence to the policies and procedures established.

To ensure that the security solutions being designed and delivered are aligned with the enterprise security architecture, supporting the transition of the security architecture from its current to its planned future state.

To lead and provide strategic oversight to ensure and assure the beneficial and cost-effective security change across key accounts, through the evaluation of business strategies and requirements providing advice, guidance and assurance.

Role & Responsibility

• Provide security advice and guidance to business and delivery teams ensuring solutions are consistent with the enterprise security roadmap whilst balancing business values and security risk.
• Recommend changes to IT systems to bring them into compliance with security policy, standards, blueprints and roadmaps.
• Influence stakeholders to adopt architecturally sound approaches to the management of risk.
• Advise on the translation of business requirements into secure IT solutions and migration roadmaps.
• Preparation and documentation of standard security operating procedures and protocols
• Recommend technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Advise on alternate solutions and countermeasures to mitigate identified information risks.
• Provide assurance that identified solutions or countermeasures mitigate identified information risks.
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Implements security improvements by assessing the current situation; evaluating trends; anticipating requirements.
• Keeps users and businesses informed by preparing performance reports; communicating system status, and owning security incidents when they arise.

Technical Skills Required

• Proven experience in the design, implementation and operation of scaled IT security services and capabilities, ideally within a large government organization or complex large-scale multi-supplier organization.
• Strong technical aptitude and exposure to ISO 27001 or similar-based security policies and standards.
• Excellent communication skills, with the ability to articulate complex technical issues into business-focused terms and communicate with Stakeholders.
• Knowledge of GDPR, its business implications and the merits of various technical approaches
• Expertise in IT security risk in a business context
• Exposure to web application security and penetration testing.
• Exposure to securing the software development life cycle and to project management disciplines.
• Excellent organizational and technical documentation skills.
• Strong understanding of Information Security including threats, attacks, and vulnerability management.
• Deep understanding of secure development practices, with practical experience of cyber security, privacy protection, cloud security, identity management, situations awareness, protective monitoring, security operations, risk management and reporting.

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.

Responsibilities:

• Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
• You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
• You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
• You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
• You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
• Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members

Minimum qualifications:

• BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
• Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
• Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
• Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
• Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
• Good understanding of complexities and security challenges in large-scale distributed systems
• Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
• Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
• Excellent written and verbal communication skills
• Strong interpersonal, team building, and mentoring skills

Job description – Information Security (Network)

Roles and Responsibilities

Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

Work profile of individual

• As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
• Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
• Will be an active participant in internal / third party system security reviews and audits on customer engagements
• Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
• Will be responsible for implementation of new projects under Information Security Domain
• Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
• Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
• Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
• Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
• Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

Team work

• Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
• Individual would predominately work with off-shore engagement teams and relevant  teams on presale and cyber security delivery.
• Communication, written and verbal, with these teams would be expected.
• Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
• Team members would be required to handle multiple tasks at the same time.
• Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

• Bachelors
• Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
• Experience : 3-5 years
  
  

Knowledge Required:

• Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
• Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
• Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
• Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
• Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
• Good knowledge on Privacy, Governance and reporting
• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
• Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

Additional Responsibilities:

• Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

The Role

We are looking foran Information Security Analyst – Compliance to primarily strengthen our practice towards compliances such as HIPAA, HITRUST,etc. and ensure highest levels of security around sensitive data.

• Identifying new risks and performing risk assessments.
• Performing continuous gap analysis.
• Auditing the applications, configurations, and internal practices against standards such as HIPAA, HITRUST etc.
• Providing advice and implementing forward-thinking information security policies, procedures, and standards.
• Assisting several teams (internal and external) with best practicesand security consultations.
• Supporting with other information security activities as assigned.
• Ensuring the organizational compliance during audits and certification efforts.

Requirements:

• Demonstrated experience in implementing and maintaining security standards such as HIPAA, HITRUST, SOC2, ISO 27001 etc.
• Ability to understand and interpret legal, regulatory, and contractual compliance requirements.
• Experience in InfoSec policy creation and documentation.
• Ability to understand technology and pertaining risks.
• Knowledge on IT, Servers, SDLC, Database, etc.
• Experience working with / securing cloud-based applications is an add-on.
• 2+ years of experience.
• Excellent written and verbal communication skills.
• Relevant Security Certifications will be a good add-on.

Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption 
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting