Cyber Security Engineer

Who is Softway?

Softway is a business-to-employee solutions company. We work with businesses to impact the everyday behaviors, mindsets, and attitudes  and help drive valuable changes within.Faster innovation and more inclusion to lead cultural and  digital transformations and make human-focused technology to propel businesses. Our solutions include culture & inclusion services and products, technology experiences, and communications. Ultimately, we believe love is a business strategy.

Who are we looking for ?

Softway is on the lookout for a AWS Cloud Engineer who is passionate about building products that our customers love. You will join a dynamic and fast-paced environment and work with cross-functional teams to design, build and roll-out products that deliver the company’s vision and strategy.

What you should be (More imp than what you should know): 

You think in bigger picture terms and impart that on whole systems rather than a single isolated use case.

You have a passion for imparting best practices to other developers and the organization as a whole.

You can work alongside developers and clients to architect solutions and/or troubleshoot a current solution

You should be able to share your learnings with your team and contribute to a training system that empowers other members of the organization

You would rather invest the time to automate a problem than do the same work again.

You have a passion for learning while making an impact.

A sense of humor and the ability to banter is a MUST

What you should know:

Production level experience with AWS cloud platform and its core services.

Good understanding of the network layer (TCP/UDP, Ports, Firewall, NAT, Subnets, VPC, VPN)

Hands on providing solutions for Redshift and Aurora and other databases.

Experience in release management using CodePipeline and Bitbucket

Big Data solutions on AWS using Firehose, Kinesis, Redshift etc.

Serverless Microservice solution using Lambda, AppSync, ECS etc

Experience on working with Microservices based architectures.

Experience and understanding of hosting and maintaining applications on Docker containers.

Hands on Experience on hosting, maintaining and monitoring highly available, fault tolerant and disaster recovery applications. (Load Balancing, Autoscaling and various deployment strategies)

Strong experience working on Linux based infrastructure.

Incidence management, performing root cause analysis and excellent troubleshooting skills.

Infrastructure automation using AWS CloudFormation Terraform and other tools in the HashiCorp Suite.

Exposure to different phases of software development life cycle.

Experience of working with Service Oriented Architecture.

Production level experience of configuring and maintaining databases ( MongoDB, Postgres, MySQL, etc)

Good to have : 

AWS certifications such as AWS Certified Solutions Architect, AWS Certified Developer, or AWS Certified SysOps Administrator are highly desirable.

Why Softway?

Softway’s cross-functional team structure, varied domains and flat hierarchy offer much exposure and learning from a bird's eye-view. You’d love the interaction with our talented folks. Softway gives you ample learning opportunities, pushing you while having your back. We work hard and party harder !! We encourage you to voice your opinions and yes, we actually listen. We take pride in having an ego-less workforce, it allows us to focus on what we’re good at - bringing solutions to life. In addition to a competitive salary and great work culture, we offer GREAT FLEXIBILITY which includes having 2 Fridays off in a month as part of moving to an action-packed, efficient 4 day week.

CoinFantasy is looking for a tech enthusiast working primarily on blockchain technology to be part of the core blockchain team at CoinFantasy. You would be a part of the Roadmap team that is working on the architecture, design, development, and deployment of our decentralised platform.

Your primary responsibilities would be analysing requirements, designing blockchain technology around a certain business model, and writing smart contracts.

Job Responsibilities

• Administer our blockchain, database, and DevOps infrastructure.
• Cross team collaboration to coordinate safe, efficient releases.
• Build complex pipelines for
• Databases, Messaging, Storage, Compute in AWS.
• Build deployment pipeline with Github CI (Actions).
• Build tools to reduce occurrences of errors and improve our protocols.
• Develop software to integrate with internal back-end systems.
• Perform root cause analysis for production errors.
• Investigate and resolve technical issues.
• Design procedures for system troubleshooting and maintenance.

Requirements

• 8+ years of Experience working with DevOps, Infrastructure, Site Reliability or Cloud Engineering
• Understanding the entire tech stack of Blockchain Dapps 
• Strong experience working with any configuration management tools 
• Languages: Any modern programming language 
• Experience working with some of the major public clouds. e.g. AWS, Azure
• Competent with the “basics”: E.g. Computer Networking
• Self-motivated individual with enthusiasm for learning and building things
• Collaborative, communicative, and confident in their abilities to work well with all team members at all seniority and skill levels
• Hands-on experience with Rust/Substrate and Contribution to open-source blockchain projects is an added advantage

About Us

CoinFantasy is a Play to Invest platform that brings the world of investment to users through engaging games. With multiple categories of games, it aims to make investing fun, intuitive, and enjoyable for users.

It features a sandbox environment in which users are exposed to the end-to-end investment journey without risking financial losses.

Website: https://www.coinfantasy.io/

Benefits

• Competitive Salary
• An opportunity to be part of the Core team in a fast-growing company
• A fulfilling, challenging and flexible work experience
• Practically unlimited professional and career growth opportunities

Key Responsibility Areas:

Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex Web applications, operating systems, wired and wireless networks, and mobile applications/devices Delivering targeted and intelligence led security penetration testing through a robust testing methodology and process Craft and develop scripts, frameworks, tools, and the methods required for facilitating and executing sophisticated charges, emulating malicious actor behavior sought at avoiding detection Conduct security assessments on a wide variety of technologies and implementations Develop and maintain security testing plans Maintain and evolve a mature set of security penetration testing and internal Red Team processes covering all areas of technology Automate penetration and other security testing on networks, systems and applications Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for less experienced staff Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators Foster and maintain relationships with key stakeholders and business partners

Required Skills:

2 to 6 years of experience in information security with web application and network penetration testing experience Fluent in common cyber security domains such as cloud security, access control, encryption, identify management, security operations, application security, penetration tests, endpoint security, vulnerability management, threat intelligence Strong understanding of OWASP top 10.

Experience or knowledge of IT security risk assessments and gap analysis In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Hands on experience with testing frameworks such as the PTES and OWASP Experience of functional testing, UI/UX testing and manual testing, Load, Performance testing across multiple browsers and devices Hands-on experience in designing and writing test automation scripts using test automation frameworks and knowledge on API Testing Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud

Qualification: Masters/Bachelor’s Degree

• Solid experience in designing, implementing, and securing cloud environments, including services such as EC2, S3, RDS, IAM, VPC, and CloudTrail.
• Strong understanding of DevOps methodologies and experience with CI/CD pipelines and tools (e.g., Jenkins, GitHub, SonarQube).
• In-depth knowledge of cloud security best practices, industry standards, and compliance frameworks (e.g., NIST, CIS, ISO 27001).
• Proficiency in scripting languages such as Python, Bash, Groovy.
• Experience with Infrastructure-as-Code (IaC) tools like AWS CloudFormation or Terraform.
• Familiarity with security scanning and monitoring tools, such as AWS Security Hub, GuardDuty, Inspector, or third-party solutions.
• Strong understanding of network security concepts, including firewalls, VPNs, and secure network architectures.
• Knowledge of secure coding practices and experience with application security testing tools (e.g., SAST, DAST, fuzzing, and secure coding patterns).
• Excellent problem-solving skills and ability to work collaboratively in a team-oriented environment.
• Participate in incident handling and other related duties to support the information security function.
• The ability to learn and apply new concepts quickly
• Strong written and oral communication skills

Job Responsibilities:

·       Assist the Security Manager in developing and implementing security policies and procedures.

·       Conduct regular security risk assessments and audits.

·       Monitor security systems, including firewalls, intrusion detection systems, and access controls.

·       Respond to security incidents and provide recommendations for remediation.

·       Assist in managing user access and authentication.

·       Provide security awareness training to employees.

·       Maintain and improve endpoint security solutions (e.g. antivirus, endpoint detection and response).

·       Collaborate with other departments to ensure security is integrated into all aspects of the organization's operations.

·       Stay up to date on the latest security threats and industry trends.

Qualifications and skills:

·       Bachelor’s degree in computer science, Information Security, or a related field.

·       4-5 years of experience in security-related roles.

·       Knowledge of security systems and protocols.

·       Familiarity with risk management frameworks.

·       Knowledge of compliance regulations and standards.

·       Excellent communication and interpersonal skills.

·       Strong analytical and problem-solving skills.

·       Ability to work independently and as part of a team.

·       Attention to detail and accuracy.

We are seeking a highly skilled and experienced Subject Matter Expert (SME) to join our team and provide valuable insights and analysis on our cybersecurity training content and competitors. Our business vertical focuses on delivering automated cybersecurity training through a software platform to over 1 million employees of our 150+ global customers. We cater to various industries and diverse backgrounds, with different levels of technical expertise. Thus, we create a diversified variety of content to cater to the training requirements of different user groups and personas. The SME's role will be pivotal in ensuring efficient and effective cybersecurity awareness training by creating high-quality content. 

Responsibilities: 

● Review and evaluate cybersecurity awareness content to ensure accuracy, relevance, and effectiveness. 

● Write industry-specific technical content to cater to the diversified audience.

● Provide feedback and recommendations to improve content quality and alignment with industry standards. 

● Conduct competitive analysis to identify industry trends, best practices, and potential gaps in our offerings. 

● Analyze global competitor strategies and offerings to identify strengths, weaknesses, and opportunities that benefit our customers. 

● Stay up-to-date with the latest cybersecurity trends and industry developments to ensure our offerings remain competitive. 

● Collaborate with cross-functional teams to ensure content is aligned with marketing and sales strategies. 

● Identify and refine complex security problems in a simplified and layman way. 

Qualifications: 

● Bachelor's degree or certifications in cybersecurity, computer science, or a related field.

● Minimum of 3-5 years of experience in cybersecurity content writing and competitive analysis.

● Strong knowledge of cybersecurity concepts and best practices. 

● Experience with analyzing competitor strategies and offerings. 

● Excellent communication and collaboration skills. 

● Strong analytical and critical thinking skills. 

● Self-motivated and able to work independently. 

● Ability to adapt to changing priorities and deadlines. 

If you are a cybersecurity professional with a passion for creating high-quality content and analyzing the cybersecurity industry's latest trends and developments, we encourage you to apply. Join our team and help us deliver top-notch cybersecurity awareness training to our global customers.

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

• Design and Build cloud architecture/infrastructure
• Provision, maintain and administer MS Azure Cloud Environment
• Windows server administration.
• Implement and maintain cloud monitoring, auditing and network management functions.
• Optimize the processes for cloud-based data storage, backups and restores.
• Implement cloud security to protect data, applications, and infrastructure.
• Develop, maintain, and execute Configuration Management scripts.

• Experience in server hardening best practices
• Knowledge of special security arrangements like Network security, DoS Protection, OS firewall, etc
• Ability to work with software firewalls and web application firewalls
• Log management and replication to a central server
• Ability to architect a secure deployment in Azure/Aws cloud using the native abstractions and services provided by respective cloud service providers.
• Ability to conduct a self VAPT of the network and servers, so that the environments are better prepared for external audits by customers' info sec teams and/or auditors.
• Ability to use DevOps automation to setup environments from scratch and also patch them from time to time to handle the changes resulting out of various factors e.g. VAPT audits, customer requests
• Experience building solutions using MS Azure DevOps.
• Knowledge of general networking concepts (e.g., DNS, TCP/IP, and firewalls).
• Experience development & maintenance of a CI/CD system.
• In-depth knowledge of build and deployment automation technologies.
• An attitude and ability to take ownership and deliver a high-quality product, on time.
• Experience of implementing DevOps
• Experience in DevOps Architectural decisions, tools selection, best practices.
• Constant research and learning on new tools and technologies in DevOps space.