IT Security Manager
IT Security Manager- 8-12 Years
NOTE - We are looking for those candidates who can join immediately or within 15-20 days of the notice period.
Key Responsibilities:
• Lead IT security projects including design and implementation of security infrastructure &software
• Experience working with Linux/UNIX administration"
•
• Define next gen IT security strategy, architecture, and processes for the group
• Analyse business requirements by partnering with key stakeholders across the organization to develop security solutions
• Lead validation of BCP & DR as per the organizational needs
• Experience with framing apolicies, processes and procedures and their implementation of IT Security for both On premise and Cloud infrastructure
• Write or review security-related documents, such as incident reports, proposals, and tactical or strategic initiatives.
• Maintain and manage security for all existing and new IT infrastructure and Applications
• Monitor security performance of information technology systems to drive cost and productivity levels, and to make recommendations for improving & standardization of the IT infrastructure
• Develop strategies for infra and application hardening
• Hands on experience with implementation of various security products & infrastructure
• Testing, troubleshooting, and modifying and ensure no performance impact on the systems so that they operate effectively
• Prepare plan and strategies to ensure security of the organization including both high and low risk events.
• Develop budgets for security operations and new initiatives.
• Coordinate security operations, Audit & Compliance activities along with law enforcement and government agencies.
• Ensure completeness of documentation and have exposure to ISO 27001, ISMS policies
• Work with key IT service providers to ensure industry standard platform, network and endpoint security posture
Key Skills required:
• Critical Infrastructure Management- (Manage SPI, Certification resources and infrastructure)
• WAF – Barracuda, Cloudflare, Akamai
• Cloud Security – AWS and Azure are preferred
• Work with Software and teams in resolving vulnerabilities
• SSL and PKI infrastructure management
• SIEM – Event Management, Endpoint Management, Threat analysis, patch Management
• Anti-Virus (VDC and Global Endpoints)- Web content filtering, Definition updates,
• Time Monitoring – system health checks and resource utilization checks, SIEM log analysis
• Log Monitoring and Log Analysis – collect, alert, store, search, report and share system and WAF logs
• Manage compliance – PCI, ISO
• Ability to work in global environments with teams spread globally
• Multi-tasking and time-management skills, with the ability to prioritize tasks.
• Highly organized and detail oriented.
• Excellent analytical and problem-solving skills.
• Experience with framing policies, processes and procedures and their implementation of IT Security for both On premise and Cloud infrastructure
experience with policies
• blue team (any experience with defending the network)
any experience with vulnerability assessment and PT
About this IT company is looking for candidates for this profile.
Similar jobs
As an Enterprise Security Architect you will join a growing organization to lead a modern enterprise security program. In this role the Architect will have responsibility for identifying, defining, developing, leading security technology strategy across a broad portfolio of IAM, Cloud, End Point, Network, Web security and related technology systems, and the assessment of new and emerging identity technologies at the very large enterprise scale.
As a senior member of the team you will engage and partner with senior leaders across the organization leveraging your extensive background in (managing / delivering / implementing / architecting) security technology combined with expertise in organizational and cross-functional communication to develop strategy, influence roadmaps, solution adoption, champion strategic opportunities / execution plans with the aim to improve security capabilities, reduce risk and position forward looking identity governance and security enhancements
• Responsible for defining an architectural vision and architecture for large complex solutions, which aligns with the enterprise architecture strategy, technology and platform choices
• Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities
• Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions
• Contributes to best practices, standard templates, and the architecture roadmap for defined domains.
• Creates endpoint/host, workplace productivity security reference architecture and design patterns for reusability.
• Contributes in the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap
• Contributes to the development of best practices including standardized templates
• Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog
• Works with Product Manager/Owner to plan and prioritize technology focused backlog items for the architecture runway to enable business epics/features and expand into new opportunities
• Clarifies the architecture for the development teams to support implementation, and provides solution options to resolve any architectural impediments
• Performs design and code reviews to ensure all non-functional requirements for a solution are sufficiently met (e.g. security, performance, maintainability, scalability, usability, and reliability)
• The platform security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.
• Develop blueprints and procedures to effectively secure company data against accidental or unauthorized modification, destruction or disclosure.
• Create and define the security architectures and roadmaps encompassing cloud architecture, access management, and monitoring.
• Design and develop data security architectures for cloud and cloud/hybrid-based systems.
• Align architectural design technical controls and solutions to industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)
What are we looking for?
We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.
Requirements:
• 10+ years of hands-on experience with scoping, sizing, designing, architecting & building IAM solutions across various technologies, or demonstrated ability to meet job requirements through comparable work experience.
• Expert level knowledge of authentication/authorization standards, protocols, and frameworks such as FIDO, OpenID, SAML, OAuth, JWT, CA, X.509, MTLS, etc.
• Technical expertise and experience with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and IDM integration across domains
• Solid understanding of Cloud concepts and hands on knowledge on Azure/AD or other cloud identity environments.
• Experience designing and implementing security services and tools applied to GCP, Azure and AWS
• Expertise with Data Loss Prevention and CASB strategies and solutions supporting security of critical SaaS solutions such as Office 365, etc.
• Experience with Hybrid cloud architectures and designs
• Must have experience with Internet Application Hosting architectures, best practices and related technologies to effectively protect externally facing applications
• Experience with DevSecOps process, Container technologies (Docker, Kubernetes), API Gateways, and other common web application technologies is preferred
• Strong knowledge of enterprise security concepts/frameworks and products, secure design principles and best practices
• Strong verbal and writing skills to develop technical documentation and presentations
• Experience in leading technical architecture and security design discussions
• Experience managing multiple multi-level stakeholder relationships
• Bachelors in Computer Science, Computer Engineering or related field
“Such other task that Company may assign you time to time”.
Hi,
Intuitive (http://www.intuitive.cloud/">www.intuitive.cloud) is one of the fastest-growing Cloud & SDx Engineering solution and services companies supporting 80+ Fortune 1000 Global Enterprise customers in the Americas and Europe. Intuitive is a recognized professional & managed services partner for core superpowers in Cloud (Public/Hybrid) Adoption/Migration & Transformation, Cloud Security, GRC, DevSecOps, SRE, Data, Application Modernization / Containers/K8s-as-a-Service and Cloud Application Delivery
FTE (permanent)
100% Remote opportunity
Time-6 pm to 3.00 am(IST)
Role: Azure Network & Security Architect JD:
Must have:
Strong understanding of data center network and security architecture with products like Cisco switches/routers, Arista/juniper switches/routers, Palo Alto/Cisco/Fortinet firewalls, proxy, DNS etc Strong understanding of overall Azure cloud infrastructure, network and security architecture. In-depth understanding of Azure Networking components/services like vnet, vnet peering, udr, SDR, express route, NVA, load balancers, endpoints,vWAN, virtual Network gateways, Network watcher, Azure network function manager, CDN, Private link, traffic manager etc In-depth understanding of Azure Security components/services like Azure firewall, Azure firewall manager, Azure front door, WAF, NSG, Internet analyzer, Bastion, Defender, Key Vault, Sentinel etc Strong understanding of how to securely interconnect multiple cloud accounts, on-prem servers, etc. Expertise in automation tools such as Terraform/Jenkins/Powershell/Ansible/Azure CLI etc. Strong understanding of How to protect Azure Cloud-based infrastructure, including distributed denial-of-service (DDoS) attacks, phishing attacks, and threats involved. content classification etc
Good to have: Sound understanding of GCP and AWS cloud network and security architecture Sound understanding of F5 load balancers/LTM/GTM, AFM, ASM, APM etc
If Your profile matches to the requirements share your anithadotkatintuitivedotcloud
Regards,
Anitha. K
TAG Specialist
Job Brief
QwikSkills is seeking an extremely knowledgeable Azure Cloud Engineer with a passion for problem-solving. You will make recommendations and help to create and maintain cloud services for developers that use this infrastructure for their software. You will need great collaboration and communication skills as you will spend a large part of your role interacting with developers and non-technical stakeholders.
Who We Are
QwikSkills is a one-stop platform to learn & practice hands-on cloud skills, cloud certification preparation and practice needs. We offer affordable world-class online certification practice tests and hands-on cloud labs for individuals as well as teams for AWS, Google Cloud, Azure, VMware etc.
As an Azure Cloud Engineer, your responsibilities include:-
- Developing and deploying Cloud solutions in collaboration with the cloud team.
- Managing and maintaining Cloud Labs portfolio.
- Creating, debugging, testing, and documenting Cloud Labs.
- Identifying, analysing, and resolving Cloud infrastructure vulnerabilities and application deployment issues.
- Regularly reviewing existing systems and making recommendations for improvements.
- Generating curriculum for technical training.
- Working with the internal team to design, own, and deliver advanced training courses.
- Handling a group of 50-100 mentees/students and constantly guiding them through the course curriculum.
What We Are Looking for, in a Candidate
- Energy and enthusiasm to work in a fast-paced start-up culture
- Valuable degree in Computer Science or other technical discipline or equivalent
- Good understanding of the various Azure services and how they work together
- Superior programming knowledge, Python needed
- Good creativity and ideas for creating new Lab content that is engaging, relevant, and useful for the learners
- Good understanding of finding quality content for Labs Doc Creation
- Demonstrable problem-solving skills and logical thinking techniques, and have excellent attention to detail
- Excellent teamwork/collaboration skills
- Effective time management skills
- Proven work experience in a similar role
Fringe Benefits of Working with Us
- Assured winsome compensation
- An inclusive team of like-minded professionals
- An energetic and positive working space
- Collateral creative freedom
- Personal and professional development
- A major scope for career progression
About Us
Rezo.ai is an AI-Powered Contact Centre that enables enterprises to enhance customer experience and boost revenue by automating and analyzing customer agent interactions across multiple channels including voice, email, chat/WhatsApp, and social, at the required scale, whilst training agents with minimal costs
How do we do it
Rezo’s AI-Powered contact center leverages ground-breaking technologies in AI, ML, ASR, NLP, RPA, and predictive intelligence to transform customer experience and reduce costs by automating, analyzing social media, whilst coaching them.
Overview
Providing leadership in the information security space, helping ensure ISO and GDPR certification, and establishing, maintaining, and enforcing our security policies. Working closely with our business and technology teams to ensure awareness and adherence to the policies and procedures established.
To ensure that the security solutions being designed and delivered are aligned with the enterprise security architecture, supporting the transition of the security architecture from its current to its planned future state.
To lead and provide strategic oversight to ensure and assure the beneficial and cost-effective security change across key accounts, through the evaluation of business strategies and requirements providing advice, guidance and assurance.
Role & Responsibility
- Provide security advice and guidance to business and delivery teams ensuring solutions are consistent with the enterprise security roadmap whilst balancing business values and security risk.
- Recommend changes to IT systems to bring them into compliance with security policy, standards, blueprints and roadmaps.
- Influence stakeholders to adopt architecturally sound approaches to the management of risk.
- Advise on the translation of business requirements into secure IT solutions and migration roadmaps.
- Preparation and documentation of standard security operating procedures and protocols
- Recommend technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Advise on alternate solutions and countermeasures to mitigate identified information risks.
- Provide assurance that identified solutions or countermeasures mitigate identified information risks.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
- Implements security improvements by assessing the current situation; evaluating trends; anticipating requirements.
- Keeps users and businesses informed by preparing performance reports; communicating system status, and owning security incidents when they arise.
Technical Skills Required
- Proven experience in the design, implementation and operation of scaled IT security services and capabilities, ideally within a large government organization or complex large-scale multi-supplier organization.
- Strong technical aptitude and exposure to ISO 27001 or similar-based security policies and standards.
- Excellent communication skills, with the ability to articulate complex technical issues into business-focused terms and communicate with Stakeholders.
- Knowledge of GDPR, its business implications and the merits of various technical approaches
- Expertise in IT security risk in a business context
- Exposure to web application security and penetration testing.
- Exposure to securing the software development life cycle and to project management disciplines.
- Excellent organizational and technical documentation skills.
- Strong understanding of Information Security including threats, attacks, and vulnerability management.
- Deep understanding of secure development practices, with practical experience of cyber security, privacy protection, cloud security, identity management, situations awareness, protective monitoring, security operations, risk management and reporting.
- Extensive experience in designing, building & supporting Azure Managed Services Operations.
- Good understanding of Azure IaaS and PaaS services (Azure VMs, App Service, VM Scale set, Storage, Web App, Function App, Logic App, SQL instance, Data factory, Key vault, API management service etc.).
- Good understanding of Azure networking, vNet, NSG, various load balancing services, VPN, Express Route and firewalls in cloud environment.
- Knowledge on Cloud Adoption Framework.
- Hands on Experience in migration of various workloads to Azure from on-prem sources like VMware, Hyper-V, Physical Servers and from other Clouds.
- Knowledge of Azure Backups and ASR (Azure Site Recovery).
- Strong Knowledge on Containerization and Orchestration (Docker, Kubernetes, AKS).
- Powershell Scripting, Azure CLI, ARM templates writing, setup automation for resources provisioning and other IaC tools like terraform, Ansible is an added advantage.
- Knowledge on Azure automation and Automation Desire State Configuration.
- Knowledge on Azure Devops or GIT Actions on CI/CD pipeline configuration.
- Strong experience in configuring, maintaining, and troubleshooting Microsoft based production systems.
- Aspire to learn and be able to pick up latest technical advances in Azure and be able to implement it.
- Certificate on Azure Administrator & Azure Architect has added advantage.
What you will do:
- Working closely with the external auditors to achieve common goals
- Conducting Enabling Service Audit (HR, Admin, IT) once in 6 months for the verification of ISMS & QMS Standards
- Performing ISMS and Internal Audit
- Being part of the external Audits (ISMS, QMS & CMMI)
- Managing of implementation of ISMS
Desired Candidate Profile
What you need to have:- Strong communication and team building skills with proficiency at grasping new technical concepts quickly and utilizing the same in a productive manner
- Experience in ISO27001, Internal Audits, CMMI
NOTE- we are looking for hose who can join immediately or within notic period of 15-20days.
location_;Hyderabad
(wfh till pandemic)
JOB DESCRIPTION
• Job Scope
o Analyse incident in our security devices, conducting investigation and finding the
root cause of incidents.
o Managing endpoint detection security system
o Managing, configuration and fine tuning of on-prem firewall and WAF
o Provide and advise IT team on security and IT related issues such as network
configuration, firewall configuration, etc
o Ensuring all utilized cloud services are secured and the configuration comply to best
practices benchmark
o Communicate risk and recommendations to mitigate risk to the senior
administration by communicating in non-technical format
o Assists other department to ensure regulatory compliance to any necessary
compliance
• Minimum Requirements
o At least 2 years of experiences in managing endpoint detection system, WAF and
FW.
o Hands on experience on cloud environment preferably Microsoft Azure.
o Bachelor’s degree of any IT related courses.
o Strong understanding of incident detection and response process and procedure
o Strong knowledge in networking and in operating system such as
Linux/Unix/Windows
JOB DESCRIPTION
(NOTE- we are looking for those candidates who join immediately or notice period of within 15-20days)
• Job Scope
o Conduct penetration testing on internal website/system owned by EC-Council
o Produce a report and presentation to the system owner explaining the security
structure and the vulnerabilities of the system
o Conduct scoping for any new projects
o Research and recommend fixes for issues/vulnerabilities identified during the
penetration testing
o Create and update security test plan regularly according to the nature of the website
assigned
o Conduct research on new vulnerabilities and threats regularly to improve oneself
capabilities
• Minimum Requirements
o At least 3 year experience in conducting any three of the following
▪ Network Penetration Testing
▪ Mobile Application Penetration Testing
▪ Web Application Penetration Testing
▪ Source Code Review
▪ Writing, extending and modifying exploits, shellcode
▪ Reverse engineering malware, data obfuscation and ciphers
o Bachelor’s degree in IT security related field or equivalent
o Any (2) of the following certification ; OSCP, OSCE, OSEP, OSWE, CRT, LPT or
equivalent
o Proficiency in at least 1 programming language such as PHP, ruby, Python, Perl
o Strong understanding of encryption (SSL/TLS, PKI) and other authentication methods
o Good experience with tools used for penetration testing such as Metasploit,
BurpSuite, w3af, Kali Linux, SQLMap, Skipfish
o Excellent written and verbal communication skills, especially when dealing with
large reports and datasets with a high standard of documentation
o Mastery in linux/unix operating system and bash/Powershell
Position: - Professional Service Consultant
Location: - Noida
Company: - Infinity Labs Ltd
Website: - http://www.infinitylabs.in">www.infinitylabs.in
Job Description: -
Desired Experience:
Providing remote support/ consultation on security domain who can work in a 24/7 environment and collaborate with customers and accounts teams to deliver seamless services to large enterprises.
Education:
BE in Computer Science or equivalent education/training/experience.
Key Skills:
- Excellent verbal and written communication skills.
- Strong consulting skills.
- Ability to multi-task and work in a fast-paced environment.
- Ability to be self-starting and manage multiple tasks at a given time.
- Ability to work individually and as a part of a team.
- Effectively handle multiple projects and deliver the right solution to the customer.
Technical Skills
- Advance understanding of internetworking, LAN, and WAN technologies.
- Experience with network, security solutions, and technologies leading security solutions in large environments.
- Expertise with Remote Access VPN solutions, IPSEC, PKI & SSL, TCP/IP, Authentication Protocols (LDAP, RADIUS etc.)
- Experience with troubleshooting skills related to networking, routing, IP, NAT, IPSEC VPNs and knowledge of how these interact with applications and users.
- Ability to independently debug broad, complex, and unique networks with mixed media and protocols required.
- Experience with installation, configuration and operation of Palo Alto Networks products.
- Experience working with a multi-factor authentication security system.
- Experience on the Endpoint security.
- Experience in Cloud technologies (AWS, Azure primarily, VMware NSX etc.)
- 5+ years of software development or site reliability engineering or equivalent experience
- Skilled at problem solving, algorithms, and data structures
- Building tools and scripting frameworks from scratch
- Working with Cloud Automation tools like CloudFormation, Terraform, CDK, aws-cli
- Scripting languages like Python, Groovy, PowerShell, Bash, Perl etc.
- Configuration automation using Ansible or equivalent tools
- Exposure to Windows, Linux administration skills
- Project management tools like Jira, Trello
- Prior experience in dealing with Datastore technologies like Postgres, MySQL, SQL, DynamoDB is desirable
- Familiarity with basic networking, security and cloud engineering concepts
- Team player who is eager to help others to succeed through mentoring and leading by example
- Highly collaborative with effective written and verbal communication skills