Cyber Security Analyst

Key Responsibility Areas:

Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex Web applications, operating systems, wired and wireless networks, and mobile applications/devices Delivering targeted and intelligence led security penetration testing through a robust testing methodology and process Craft and develop scripts, frameworks, tools, and the methods required for facilitating and executing sophisticated charges, emulating malicious actor behavior sought at avoiding detection Conduct security assessments on a wide variety of technologies and implementations Develop and maintain security testing plans Maintain and evolve a mature set of security penetration testing and internal Red Team processes covering all areas of technology Automate penetration and other security testing on networks, systems and applications Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for less experienced staff Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators Foster and maintain relationships with key stakeholders and business partners

Required Skills:

2 to 6 years of experience in information security with web application and network penetration testing experience Fluent in common cyber security domains such as cloud security, access control, encryption, identify management, security operations, application security, penetration tests, endpoint security, vulnerability management, threat intelligence Strong understanding of OWASP top 10.

Experience or knowledge of IT security risk assessments and gap analysis In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Hands on experience with testing frameworks such as the PTES and OWASP Experience of functional testing, UI/UX testing and manual testing, Load, Performance testing across multiple browsers and devices Hands-on experience in designing and writing test automation scripts using test automation frameworks and knowledge on API Testing Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud

Qualification: Masters/Bachelor’s Degree

About us:

HappyFox is a software-as-a-service (SaaS) support platform. We offer an enterprise-grade help desk ticketing system and intuitively designed live chat software.

We serve over 12,000 companies in 70+ countries. HappyFox is used by companies that span across education, media, e-commerce, retail, information technology, manufacturing, non-profit, government and many other verticals that have an internal or external support function.

To know more, Visit! - https://www.happyfox.com/

Responsibilities:

• Perform manual and automated application penetration tests and provide suggestions to harden our products
• Participate regularly in the development and release process to identify and report security vulnerabilities in the code being shipped
• Conduct regular audits on all Features/APIs of the product and reports vulnerabilities to the development team
• Keep up with industry trends in the security space
• Triage inbound vulnerability reports with an appropriate level of urgency and track them until they are resolved by Engineering teams
• Should be able to understand different elements of our NodeJS, Python and similar stacks and provide guidance on secure software development practices to the team
• Scale our application security engineering team

Requirements:

• Strong verbal and written communication skills
• Has worked on Web Application Security Testing for a reasonably complex application. The mobile experience is a plus
• Good knowledge of secure software development guidelines from authoritative bodies like NIST, OWASP, SANS
• Hands-on experience in performing manual/automated security assessments with open-source/commercial security tools

We are seeking a highly skilled and experienced Subject Matter Expert (SME) to join our team and provide valuable insights and analysis on our cybersecurity training content and competitors. Our business vertical focuses on delivering automated cybersecurity training through a software platform to over 1 million employees of our 150+ global customers. We cater to various industries and diverse backgrounds, with different levels of technical expertise. Thus, we create a diversified variety of content to cater to the training requirements of different user groups and personas. The SME's role will be pivotal in ensuring efficient and effective cybersecurity awareness training by creating high-quality content. 

Responsibilities: 

● Review and evaluate cybersecurity awareness content to ensure accuracy, relevance, and effectiveness. 

● Write industry-specific technical content to cater to the diversified audience.

● Provide feedback and recommendations to improve content quality and alignment with industry standards. 

● Conduct competitive analysis to identify industry trends, best practices, and potential gaps in our offerings. 

● Analyze global competitor strategies and offerings to identify strengths, weaknesses, and opportunities that benefit our customers. 

● Stay up-to-date with the latest cybersecurity trends and industry developments to ensure our offerings remain competitive. 

● Collaborate with cross-functional teams to ensure content is aligned with marketing and sales strategies. 

● Identify and refine complex security problems in a simplified and layman way. 

Qualifications: 

● Bachelor's degree or certifications in cybersecurity, computer science, or a related field.

● Minimum of 3-5 years of experience in cybersecurity content writing and competitive analysis.

● Strong knowledge of cybersecurity concepts and best practices. 

● Experience with analyzing competitor strategies and offerings. 

● Excellent communication and collaboration skills. 

● Strong analytical and critical thinking skills. 

● Self-motivated and able to work independently. 

● Ability to adapt to changing priorities and deadlines. 

If you are a cybersecurity professional with a passion for creating high-quality content and analyzing the cybersecurity industry's latest trends and developments, we encourage you to apply. Join our team and help us deliver top-notch cybersecurity awareness training to our global customers.

As a Senior Software Engineer for PreludeSys, you will:

·       Develop and manage, with 5+ years of experience in software development, planning development, guiding junior team members and over see delivery.

·       Should be adaptive to work in a constantly evolving environment. Analyze user requirements and write & test code, refining and rewriting it as necessary and communicate with leads involved in the project.

·       Strong analytical and reasoning skills with an ability to visualize processes and outcomes. Liaising with colleagues to implement technical designs. Create technical specification document.

You Are Great At:

·       Requirement gathering

·       Planning, development & testing

·       Tracking & status reporting

·       Issue handling and on time delivery

Must Have:

Primary Skills Required: Boomi/Mulesoft/Jitterbit/Azure LogicApp/Data Factory

Hands-on experience in any of the middleware technologies such as Dell boomi, Mulesoft, Jitterbit, Azure Logicapp/Data factory or IBM middleware technologies.

Any programming languages like Java, C#, Java Script, Python etc.

Secondary Skills: Required IBM suite of middleware tools.

Dear Candidate,

Greetings from HCL Technologies Ltd.

• Make sense of Cyber security and compliance frameworks that apply to your business or industry
  • Identify business risks, taking into account the role of your hosting service provider
  • Determine which Cyber security controls are required to mitigate your identified risks
  • Improve collaboration and communication during Cyber security Incident mitigation and response.
  • Establish the necessary framework based on NIST Framework to maintain and continually improve your information security program over time based on evolving scope and emerging risks
  • Document and track efforts for evidence collection and audit preparation

• will have primary responsibility for coordinating and implementing effective Cyber Security management across the account. This role will ensure that all Supplier obligations are met regarding compliance with Security guidelines, data protection, regulations, Supplier policies, and key controls.
• provide implementation and ongoing operation of Security management framework;
• be responsible for coordinating activities to address the key Security risk exposures;
• ensure Security awareness training of, and assistance in the implementation of robust Security management practices across Security operations;
• direct the design of controls to address emerging or new Security risk and compliance requirements;
• carry out regular and frequent assurance reviews of the design and operating effectiveness of Security controls;
• implement, monitor and report on key Security risk indicators to identify and address emerging risks;
• coordinate with other Service Providers and Security functions, to facilitate client’s audits and inspections;
• manage and report on responses and actions to address Security audit points, inspection deficiencies, or control weakness identified during normal operations.
• review outcome of cyber security risk assessment, timely implement open action items and report progress to stakeholders
• incorporate vulnerability testing as an integral part of change management
• Should have good knowledge of Cyber Security Framework and controls
• CISA ,CISM or CISSP certification should be preferred.
• Have good understanding of Security policy and process along with ITSM process.

Certified Ethical Hacker Requirements:

• Bachelor’s degree in Information Technology or Computer Science.
• CEH Certification.
• Proven work experience of at least 2-5 years as a Certified Ethical Hacker.
• Effective Programming Skills required but not limited to HTML, JavaScript, Python, PHP, SQL etc.
• Advanced knowledge of networking systems and security software.
• In-depth knowledge of parameter manipulation, session hijacking, and cross-site scripting.
• Technical knowledge of routers, firewalls, and server systems.
• Good written and verbal communication skills.
• Good troubleshooting skills.
• Ability to see big-picture system flaws.

• B.Tech/B.E.(IT/Computers), B.Sc( Computers), MSc (IT), BCA (Computer) or any equivalent graduation or post-graduation

• 5+ years of software development or site reliability engineering or equivalent experience
• Skilled at problem solving, algorithms, and data structures
• Building tools and scripting frameworks from scratch
• Working with Cloud Automation tools like CloudFormation, Terraform, CDK, aws-cli
• Scripting languages like Python, Groovy, PowerShell, Bash, Perl etc.
• Configuration automation using Ansible or equivalent tools
• Exposure to Windows, Linux administration skills
• Project management tools like Jira, Trello
• Prior experience in dealing with Datastore technologies like Postgres, MySQL, SQL, DynamoDB is desirable
• Familiarity with basic networking, security and cloud engineering concepts
• Team player who is eager to help others to succeed through mentoring and leading by example
• Highly collaborative with effective written and verbal communication skills