About The Company -
OYO Hotels & Homes is the world’s third largest and fastest-growing chain of leased and franchised hotels, homes & spaces managing over 1 million exclusive rooms across 800 cities and 80 countries. OYO was founded on the mission that everyone deserves a quality living and working space and we are very passionate about this mission. Technology and Innovation plays a critical role in this mission and therefore today we employ World Class engineers, product managers and designers across core markets & geographies. If you are looking for a high pace environment, itching to create a large impact through technology impacting 100s of millions of customers across the globe, we love to hear from you.
Key Responsibilities:
- Conducting application(Web & Mobile) and infrastructure penetration testing assessments.
- Deploy, improve and utilize SAST/DAST/SCA and other cybersecurity solutions to detect & prevent security vulnerabilities.
- Work closely with the business, product and Development/engineering teams to provide input and guidance on developing secure products and help teams adopt shift-security-to-left practices.
- Work closely with the DevOps team to secure the cloud environment.
- Developing and maintaining cybersecurity process activities including security requirements engineering, threat modelling, code reviews and cyber risk assessment.
- Improve and automate cybersecurity processes within the CI/CD pipelines.
- Continuously review and identify security improvement opportunities in existing products, processes, services and workflows to ensure the people, products and technology in the organization are protected against current and future cybersecurity threats.
- Deliver awareness sessions on Secure Development to engineering/development teams
- Drive continuous improvement activities to define, measure, visualize and improve key cyber security metrics related to Application Security.
- Preparing and launching social engineering campaigns;
Key Skills:
- Expertise in application(Web & Mobile) and infrastructure penetration testing.
- Strong experience with Azure or AWS cloud environments and its security controls.
- Experience with microservices architectures & distributed Platforms
- Strong experience with using Agile software development and securing CI/CD pipeline.
- Coding Experience in Scripting & programming languages (such as Terraform, Java, Python, Ruby, etc.)
- Knowledge of how modern web & mobile apps are designed, developed and deployed across different platforms;
- Knowledge of common exploitation techniques and mitigations.
- Experience in implementing and managing a vulnerability management program (process and technology).
- Experience and knowledge of implementing a DevSecOps ecosystem and strong understanding of Dynamic and Static Application Security Testing (DAST & SAST).
- Understanding of the main cybersecurity tools (SIEM, IPS, XDR, etc.).
- Strong understanding of OWASP, PTES and other penetration testing methodologies.
- Understanding of global security frameworks and standards like NIST, ISO 27001, GDPR, PCI etc.
- Strong knowledge in preparing and launching social engineering campaigns.
- Ability to program or script in your preferred language
- Good understanding of network and OS principles
- Strong written and spoken English skills and ability to write high-quality reports
- An Information Security qualification e.g CSSLP, CEH, OSCP, or similar certification
Cultural Traits common to all OYO Leaders -
● Dealing with Ambiguity and Adaptability – we are a large, but fast-growing company today with not enough existing process or rules of engagements; and environment changes rapidly due to new businesses, geographies and strategic partnerships etc. You need to be able to create organization out of chaos, operate in an environment with minimal structure and adapt to change quickly while maintaining high velocity
● Ownership – anything between you and your job is also your job
● Bias for Action – speed matters a lot, so does quality. Ideal leader will be pragmatic, action-oriented and know the right balance between competing priorities
● Hunger to change the world – you need to be ambitious and willing to do more. If you believe you have already achieved your best and primarily looking to impart that vast knowledge, we aren’t the right place for you
Job Locations: We have a Pan India presence with Tech centers based out of Gurugram, Bangalore & Hyderabad. However currently we are working from our home.
About OYO Rooms
Similar jobs
MUST AWS Solution Architect Professional Certification
MUST 4+ years development experience in either Python, PHP, Go, Ruby -
coding experience
Nice to have Understanding of “TDD” (Test driven development
MUST 4+ years experience with continuous integration tools (Buildkite,
CircleCI, Jenkins, Bamboo)
MUST 4+ years experience with observability tools (One of NewRelic,
DataDog, Grafana, CloudWatch, similar)
MUST 4+ years experience with logging tools (one of SumoLogic, Scalyr,
Splunk, ElasticSearch, Elk, similar)
MUST 4+ years experience with configuration-as-code tools (one of
Terraform, CloudFormation, Ansible, Puppet, Chef)
MUST 2+ years experience with Docker containers / 12 factor
applications
MUST 1+ years experience with Kubernetes
Security Engineer Level 1
at Open financial technologies pvt ltd
Security Engineer Level 1
0-2 yrs | Bangalore Office
Responsibilities
- Candidate will be responsible for Security Operations Center alerting and monitoring.
- Candidate will be responsible for a vulnerability assessment, remediation, validation, and patching.
- Candidate will be responsible for 24/7 SOC monitoring and response.
- Candidate will be responsible remediation of identified vulnerabilities.
- Candidate will be responsible for threat hunting.
- Candidate will be responsible for AWS and GCP cloud security services.
- Candidate will be responsible for end point security and EDR monitoring.
- Candidate will be responsible for application security assessment and patching.
Requirements
- 0-2 years of relevant work experience.
- Bachelor’s degree (or higher) in Computer Science or related discipline.
- Experience in Security operation center(SOC).
- Strong understanding of security Incident response.
- Experience with an Endpoint security tool, EDR and associated incident response.
- Experience in SIEM, log ingestion, log parsing, and correlating.
- Experience in malware analysis and investigation.
- Experience with vulnerability management tools, vulnerability assessment, remediation, validation, and patching
- Knowledge of threat hunting, and he/she should have the capability to detect IOC (Indicator of Compromise) and
- IOA (Indicator of Attack).
- Good knowledge of SOC, security event monitoring, management, and response.
- Good verbal and written communication skills.
What you will bring along
- CEH / CompTIA security+ certification
- Proficiency in WAZUH, EDR, Firewall, Prisma Cloud.
- Knowledge of MITRE att&ck framework.
- Proficiency in digital forensics.
- Hands-on experience with AWS or GCP.
- Effective verbal and written communication skills.
- Candidate should know MITRE att&ck framework.
- SDLC and Devops
- Proficiency in understanding and implementing Security tools and services.
Why Work at Open?
- You will be part of the early tribe that is changing the way business banking rolls.
- Every atom of your work will impact the way millions of businesses are run.
- You will work with some of the brightest minds who will celebrate your quirks.
- You will find growth & fun to be two-way streets - how you thrive and the way you jive, in turn drives Open
Founded by a passionate team of serial entrepreneurs and alumni of IIT Delhi, U.C Berkeley, and well-known tech companies such as Uber and Zomato.
Sourcewiz is on a mission to increase India’s export GDP. This is a unique opportunity to
join a funded early-stage startup and have a massive impact on our product, culture, and
direction. It's a lot of work and a roller coaster ride. But, if you are up for it, you can join us
in replacing the tiresome and slow sales process for importers and exporters and have a
significant impact on our customers. We are not a company that believes engineers should be hidden away from decisions, churning out code for features decided from upon high. Instead, our Engineers form strong bonds with cross-functional peers in Product Management, Product Design and others to become experts in their product domain.
We’re looking for people with a strong interest in building successful products or systems;
are comfortable in dealing with lots of moving pieces; have exquisite attention to detail, and
comfortable learning new technologies and systems.
As a Site Reliability Engineer at Sourcewiz, you will...
• Own and improve the scalability and reliability of our products
• Working directly with product engineering team
• Work with RDBMS, Search, Caching and queuing
• Contribute expertise towards architectural planning and ensure the company builds
sustainable services that meet our customer expectations while leveraging appropriate
tools and frameworks.
• Ongoing participation in the review and testing
Job Responsibilities:
Experience: 8 Yrs to 12 Yrs
- Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
- Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
- have done any submission on Bug crowd or Bug Bounty.
- have developed tools or scripts for web pen test on GitHub.
- Certified on OSCP
- Threat Modeling
- Network scan in stealth mode or simple scan using Nmap and Burp suite
Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.
Developing different ways to solve the existing threats and security issues.
Configuring and implementing intrusion detection systems and firewalls.
Security product development, testing, and implementation.
Responsible for security technology research, penetration testing, and vulnerability scanning.
Please follow the below inputs.
The shift will starts from 03:00 PM to 12 AM (fixed for few months),
OSCP certification(Not mandatory, preferable)
Below are the primary key skills:
Total Application Security Experience:
Total Security Architecture Experience:
IOT(optional)
MOBILE
WEB
AWS(Mandatory)
NETWORKING
THREAT MODELS
Site Reliability Engineers
at Sarvaha Systems Private Limited
JD: Site Reliability Engineers
Location: PUNE, Remote
Sarvaha would like to welcome experienced SRE specialists with minimum of 5 years of professional experience in Google Cloud Platform or AWS based deployments and automation. Sarvaha is a niche software development company that works with some of the best funded startups and established companies across the globe. Your will be expected to work with a globally distributed team and contribute independently as well as lead a team of engineers. This is a hands-on position that would require you to be responsible for production software deployments across global availability zones.
Key Responsibilities
- Design, write and run services that provide visibility into a leading IoT platform & underlying services
- Automate deployments, diagnostic and debugging tools
- Participate in on-call rotations
- Adhere to industry-standard security best practices
- Work with other teams in troubleshooting and keeping the systems up and running
Skills Required
- Minimum Bachelor’s Degree in Computer Science or related degree
- Minimum 5+ years of total experience with at least 4 years of experience in SRE, DevOps or similar role. More experience in highly desired
- 4+ years of hands-on experience with one of AWS/Azure/GCP is must have for this position
- 1+ years of experience debugging code written in Python, Java or any strongly typed language
- 3+ years of experience with Kubernetes, Prometheus, ELK, Grafana, Nagios
- 2+ years of experience with Jenkins or similar build and deploy orchestration tool
- 2+ years of experience with RDBMs and no-SQL databases (MySQL, Oracle, Cassandra, CDH)
- 1+ years of experience writing infrastructure as code using Terraform
- Excellent verbal and written communication and strong interpersonal skills are requisite for success of this position
- Strong listening and interpersonal skills and attention to details is highly desired
Position Benefits
- Top-notch remuneration with non-linear growth
- Work with industry best cloud architects, DevOPs team and developers
- Excellent, no-nonsense work environment with the very best people to work with
- Cutting edge work with Fortune 500 businesses and learn from high-visibility systems that drive public facing, high-traffic systems
Senior DevOps Engineer
at Biostrap
Hey there!
Biostrap is based in Los Angeles, California with our team working remotely in several countries around the globe. This is a remote position, you’ll need a computer and a high speed internet connection.
We are looking for the tough kinds, the warrior ones, always learning Sr. Devops Engineers to take care of our infrastructure and site reliability @ Biostrap. As an engineer at Biostrap, you will be a part of a lean but extremely passionate team of engineers and work towards making and keeping Biostrap as the go-to best health platform
Responsibilities: What would the job be like?
- Work closely with the engineering team to deploy and maintain the infrastructure.
- Add automation at every part of the development and deployment lifecycle.
- Analyze and help in Infrastructure cost optimizations.
- Build and work with CI + CD workflows..
- Build robust observability system for system monitoring and tracing.
- Architect scalable logging servers.
- Add extensive alerting systems for various important issues, events using monitoring and logging services.
- Work with other engineers in developing architecture that is scalable and resilient to changes in product requirements and usage in an agile environment.
- Security Hardening of cloud infrastructure against known/unknown vulnerabilities
- Write Infrastructure as Code for most of the cloud.
- Suggest and implement pragmatic changes to infrastructure to increase performance, resilience and availability and to fool-proof infrastructure for future.
- Build auditing systems for various resource accesses and have a breach detection notification system.
- Do periodic security reviews and implement improvements.
- Be incharge of and manage deployments of various services.
- Work with aws resources, containers and systems like Ansible/EKS/kubernetes.
Qualifications: Who should apply for this role?
- You have 3+ years of working in small to medium size teams building and shipping products.
- Strong grasp of at least one of the scripting or systems languages like Python, Javascript, Golang etc.
- Good experience managing various AWS resources.
- Well equipped with Linux and Bash/Shell scripting
- Working knowledge of Docker or container management.
- Have some development experience with Kubernetes.
- You spin out containers as if it's your fantasy war ground.
- Understand deployment tools like Ansible or similar.
- Built and worked with CI+CD systems like Gitlab Ci, Jenkins, CircleCi, Travis etc.
- Working knowledge of GIT for version control.
- Experience with database management and security.
- Experience with Terraform for Infrastructure as Code.
- Knowledge of configuration management and secrets/keys management services like AWS KMS, Vault etc.
- Required to be proficient in English (both speaking and writing).
Brownie Points for (:D):
- You already use Biostrap and have plenty of feedback to provide.
- You can lecture developers on scalable infrastructures.
- You have built or worked with Prometheus, Grafana, ELK systems.
- You have a story to tell about how you managed a failure or was part of a disaster recovery.
- You contribute to Open Source projects or have a good Github/GitLab presence to showcase your past projects.
- You have sent your code to Space and it runs “a” Rover on Mars. :P
In-depth knowledge and hands-on experience with all of the AWS services and other similar cloud services
Strong knowledge of core architectural concepts including distributed computing , scalability, availability, and performance to recommend the best backend solutions for our products
Preferred AWS Certifications:
- AWS Solutions Architect Professional/Associate AWS DevOps Engineer Professional
- AWS SysOps Administrator - Associate AWS Developer Associate
Key Skills
- ITCAN is looking for an AWS Solution Architect who will be responsible for development of scalable, optimized, and reliable backend solutions using AWS services for all our products. You will ensure that our products consume AWS services in the mast effective methods. Therefore, a commitment to collaborative problem solving, sophisticated design, and quality product is important.
Responsibilities:
- Analyse requirements and devise innovative, efficient, and cost-effective architecture using AWS components and services that ensure scalability, availability and high- performance.
- Develop automation and deployment utilities using Ruby, Bash and Shell scripting and implementing
- CI/CD pipelines using Jenkins, Code Deploy, Git, Code Pipeline, Code Commit etc. To ensure seamless deployment with no downtime.
- Redesign architectures end Lo-end seamlessly by working through major software upgrades such as Apache.
- Ensure an always-running network with the ability to set up redundant DNS systems with failover capabilities.
- Ensure the AWS services consumed are aligned with best practices to ensure higher availability and security along with optimal cost utilization.
- Using AWS-managed services, implement ELK systems end-to-end.
Cyber Security Architect
Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting
- API
- AWS
Need a strong Amazon Web Service developer with experience developing APIs using Lambda functions. The candidate must have a very good familiarity with API and deployment of API in AWS knowledge are mandatory.