Cyber Security Engineer

Job Description: SOC Manager

ESSENTIAL RESPONSIBILITIES          

•      Leadership & Team Management: Leads the SOC team providing clear direction, fostering teamwork and collaboration. Regularly assesses the strengths and weaknesses of team members, providing mentoring, coaching, and opportunities for growth. Hands-on execution across operational challenges, making decisive judgments while ensuring high morale and cohesion.

•      Incident Management: Ensures that all security events and incidents are identified, categorized, and responded to promptly and thoroughly. This includes setting up appropriate escalation processes, coordinating between various teams for cross-functional incidents, and ensuring that incidents are closed with comprehensive documentation and lessons learned.

•      Continuous Improvement: Regularly reviews and analyzes the efficiency of the existing operations processes, tools, and protocols. Implement changes based on findings, feedback from the team, and changing threat landscapes. This also involves staying updated with advancements in SOC technologies and methodologies.

•      Technology Management: Oversees the implementation, configuration, and continuous tuning of various security tools, including the client’s Security Platform.

•      Training and Development: Designs and implements a continuous training plan for the existing and new SOC team members, ensuring they have the latest skills and knowledge and are onboarded and productive as quickly as possible. This also involves organizing periodic simulation exercises (like red teaming) to test and improve incident response capabilities.

•      Reporting: Establishes a comprehensive reporting framework that offers insights into the SOC's performance. This includes metrics on incident volumes, response times, and resolution success rates.

These reports should be presented to stakeholders clearly, actionable, highlighting successes and areas for improvement.

REQUIRED EXPERIENCE

•      Minimum of 6+ years in cybersecurity roles with at least 3 years in a SOC leadership position.

Experience in an MSSP or a large-scale global SOC is highly preferred.

•      Experience in actively managing the lifecycle of security incidents.

•      Strong knowledge and familiarity with major cloud provider technologies (AWS, Azure, etc.)

•      Solid understanding of networking protocols and infrastructure designs, including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.

•      Experience with virtualization technologies (VMware, Microsoft Hyper-V).

•      Experience with the following tools and technologies:

–     Security Information and Event Management (SIEM)

–     Intrusion Detection & Prevention (IDP) 

–     Endpoint Detection & Response (EDR)

–     Network Detection & Response (NDR)

–     Network Analysis tools - Wireshark, tcpdump, etc. 

–     Scripting in Python, Bash, PowerShell

•      Experience in regulated environments such as HIPAA or PCI preferred.

•      Strong governance skills in time management, project management, and stakeholder management.

•      Excellent communication skills, with ability to lead security-reviews with clients; keep stakeholders appraised of key issues/risks/incidents.

PREFERRED CERTIFICATIONS

•      CISSP – Certified Information Systems Security Professional

•      CISM – Certified Information Security Manager

•      OSCP – Offensive Security Certified Professional

•      CEH – Certified Ethical Hacker

•      GSEC – SANS GIAC Security Essentials

•      CompTIA – Security

OTHER REQUIREMENTS

·      Flexibility of schedule is required to meet the demands of the position.

·      This role requires to work in shifts (including night shift) and support clients in North America.

Job description- Information Security(Financial)

Roles and Responsibilities

HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

Work profile of individual

• As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
• Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
• Will be an active participant in internal / third party system security reviews and audits on customer engagements.
• Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
• Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
• Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
• Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

Team work

• Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
• Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
• Communication, written and verbal, with these teams would be expected.
• Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
• Team members would be required to handle multiple tasks at the same time.
• Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

• Bachelors
• Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
• Experience : 3-5 years
  
  

Knowledge Required:

• Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
• Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
• Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
• Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
• Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
• Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

Additional Responsibilities:

• Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management

A network of the world's best developers - full-time, long-term remote software jobs with better compensation and career growth.  We enable our clients to accelerate their Cloud Offering and Capitalize on Cloud.  We have our own IoT/AI platform and we provide professional services on that platform to build custom clouds for their IoT devices.  We also build mobile apps, run 24x7 DevOps/site reliability engineering for our clients.

We are looking for a friendly, very hands-on technical, and dependable professional with plenty of experience as a backend & cloud engineer to provide site reliability services to our internal teams and end customers. We expect you to deliver with TOP quality & high speed. You must have experience developing and designing amazing UI screens.

This person MUST have:

• BE Computer Science or equivalent
• Cloud app development experience.
• Strong Troubleshooting and debugging skills
• A strong passion for writing simple, clean, and efficient code.

• 3 years of experience with the Django framework and other backend technologies.
• Knowledge of NodeJS
• Experience with building, modifying, and extending API endpoints (REST or GraphQL) for data retrieval and persistence.
• Understand how to use a database like Postgres (preferred choice), SQLite, MongoDB, MySQL.
• Experience creating high-performance applications.
• Experience with messaging and broker tools - Rabbitmq, MQTT
• Experience with SQL and NoSQL databases
• Experience with the full software development life cycle, including requirements collection, design, implementation, testing, and operational support.
• Knowledge of web services
• Proficient understanding of code versioning tools Git.
• Hands-on experience deploying and managing infrastructure with CloudFormation/Terraform
• Experience managing AWS infrastructure.
• Hands-on experience in Linux environment.
• Basic understanding of Kubernetes/Docker orchestration.
• Manges existing infrastructure/Pipelines/Engineering tools (On-Prem or  AWS) for the engineering team (Build servers/Jenkins nodes etc.)
• Experience with scrum or other agile software development methodology.
• Excellent verbal and written communication, teamwork, decision making and influencing skills.
• Handle customer calls/emails regarding technical issues for end-users.
• Strong communication skills
• Attention to detail.

Experience:

• Min 3 year experience

Location:

• Ahmedabad Office Or,
• Work from home

Timings:

• 40 hours a week with a rotational shift every month.

Position:

• Full time/Direct
• We have great benefits such as PF, medical insurance, 12 annual company holidays, 12 PTO leaves per year, annual increments, Diwali bonus, spot bonuses and other incentives, etc.
• We don't believe in locking in people with large notice periods.  You will stay here because you love the company.  We have only a 30 days notice period

TIKAJ is seeking a passionate person who is ready to kickstart his/her cybersecurity career. Security Analyst is your first step to a brighter future as a cybersecurity expert.

• Respond and take enforcement actions on cyber security incidents
• Monitor user activity, network events, and signals from security tools to identify events.
• Categorize alerts and other anomalous activities that represent real threats.
• Remediate attacks and Triage on general information security tickets.
• Collect data for more analysis, evaluate the attack, identify the root of the attack, and implement required security actions to counter the attack.
• Responsible for investigating and generating reports on information security issues.

• Who are motivated, self-learning, and team-oriented individuals?
• Have a degree in computer science or a related field.
• Who have beginner to intermediate level experience in Python
• Who has an interest in Cyber security, phishing, cyber laws and enforcement
• Good is written and verbal communication.

Position: IT Auditor

Experience: 4-12 Years

Location: Pune

Key Skills Required:

CISA, CISSP, CISM, IT Audit, Technology Audit, IT Infrastructure Audit, Application Security Audit, Information Security Audit, Cyber Security Audit, Cloud Security, Ethical Hacker

Additional key words: Vulnerability assessment, Penetration Testing, ITGC testing, Cloud Computing,

IT AUDITOR is responsible to plan and perform the audit assignment starting from audit announcement, audit planning, field work, audit quality reviews, pre-closing / closing meetings with the respective Directors / Head of the Departments including writing of the audit report and its finalization as well as follow up of the audit actions. Additionally IT AUDITOR will also be responsible to:
•    Evaluate IT systems, processes and projects in place;
•    Determine risks to the Group’s information assets, and help identify methods to minimize those risks;
•    Ensure information management processes are in compliance with IT-specific laws, policies and standards;
•    Determine inefficiencies in IT systems, IT projects and associated management processes and
•    Consult in IT projects, new initiatives and organizational frameworks.

Description

Audit Planning

1)    Perform audits at Volkswagen Group entities. and other concerned Volkswagen Group Companies with focus on IT processes keeping the associated business risks in mind.
2)    Participate in the preparation of audit objective & scope document along with audit schedule based on the audit objective and timeline specified by Head of IT Audit India Hub.
3)    Participate in the preparation of work program

Audit Process

1)     Prepare and conduct preparatory interviews with the Directors and Heads of the audited departments to identify the processes to be assessed during the audit.
2)     Request and collect relevant audit data for analysis from respective business areas.
3)     Prepare audit matrix on periodic basis to record the audit field work and update the progress of the audit to IT Audit Manager and the Head of IT Audit Hub India.
4)    Define actions including relevant controls to mitigate the business risks identified based on the evidences provided during the audit.
5)    Organize and conduct pre-closing meetings with business areas to agree upon audit observations and relevant actions.
6)    Prepare and conduct closing meetings with the Directors / Heads of the Department for audited division to agree upon the audit observations, risks and proposed actions.
7)    Prepare the draft audit report and submit the same to the  IT Audit Manager and the Head of IT Audit India Hub for review.
8)    Ensure that adequate documentation is prepared for the audit assignment. Peer review changes are done before release of the final audit report to the business area.
9)    Contact business area to review the progress of the implementation of audit actions defined in the final audit report. Based on the review, write the status of the follow up and submit the same for upload in RIAS.
10)    Obtain necessary certifications / qualifications to support the job requirements by attending relevant trainings
11)    Support the conduction of unscheduled audits/special investigations and audits from the anti-corruption system.
12)    Relevant knowledge is shared among the team members.
13)    Consult in IT projects, new initiatives and organizational frameworks.
14)    Ensure information management processes are in compliance with IT-specific laws, policies and standards.
15)    Determine risks to the Group’s information assets, and help identify methods to minimize those risks.
16)    Evaluate IT systems, processes and projects in place.
17)    Determine inefficiencies in IT systems, IT projects and associated management processes.