IT Security Specialist

L2 engineer - Palo Alto firewall experience of 3 years in handling technical support for customers.

Should have carried out technical support for clients via remote sessions other than on phone and email.

Should be able to analyze technical issues and provide resolutions.

Palo Alto firewall experience of 3 years in handling technical support for customers.

Should have carried out technical support for clients via remote sessions other than on phone and email.

Should be able to analyze technical issues and provide resolutions.

Should be able to communicate well.

Roles and responsibilities:

- Audit the current Information Security system and procedures and do a Gap analysis

- Identify immediate potential Information Security Risks and manage remediation tasks through to closure

- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap

- Design high-quality test plans and direct Data/Information security control test activities

- Continuously improve Octro Data/Information security control framework

- Maintain handbook pages and procedures related to Information security compliance

- Identify opportunities for Information security compliance control automation, execute them and then maintain

- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments

- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs

- Direct and support external audits as and when necessary

Requirements

- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs

- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.

About Octro Inc :

We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.

Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.

We are seeking a highly skilled and experienced Subject Matter Expert (SME) to join our team and provide valuable insights and analysis on our cybersecurity training content and competitors. Our business vertical focuses on delivering automated cybersecurity training through a software platform to over 1 million employees of our 150+ global customers. We cater to various industries and diverse backgrounds, with different levels of technical expertise. Thus, we create a diversified variety of content to cater to the training requirements of different user groups and personas. The SME's role will be pivotal in ensuring efficient and effective cybersecurity awareness training by creating high-quality content. 

Responsibilities: 

● Review and evaluate cybersecurity awareness content to ensure accuracy, relevance, and effectiveness. 

● Write industry-specific technical content to cater to the diversified audience.

● Provide feedback and recommendations to improve content quality and alignment with industry standards. 

● Conduct competitive analysis to identify industry trends, best practices, and potential gaps in our offerings. 

● Analyze global competitor strategies and offerings to identify strengths, weaknesses, and opportunities that benefit our customers. 

● Stay up-to-date with the latest cybersecurity trends and industry developments to ensure our offerings remain competitive. 

● Collaborate with cross-functional teams to ensure content is aligned with marketing and sales strategies. 

● Identify and refine complex security problems in a simplified and layman way. 

Qualifications: 

● Bachelor's degree or certifications in cybersecurity, computer science, or a related field.

● Minimum of 3-5 years of experience in cybersecurity content writing and competitive analysis.

● Strong knowledge of cybersecurity concepts and best practices. 

● Experience with analyzing competitor strategies and offerings. 

● Excellent communication and collaboration skills. 

● Strong analytical and critical thinking skills. 

● Self-motivated and able to work independently. 

● Ability to adapt to changing priorities and deadlines. 

If you are a cybersecurity professional with a passion for creating high-quality content and analyzing the cybersecurity industry's latest trends and developments, we encourage you to apply. Join our team and help us deliver top-notch cybersecurity awareness training to our global customers.

Role : Full-Time Individual Contributor (IC)

Reporting to : Solution Architect / Program Manager

Education : BTech/ BE / MCA / MSc Computer Science

Industry : Product Engineering Services or Enterprise Software Companies

About Us

CLOUDSUFI is a Silicon Valley-based specialist Data Engineering & Cloud Technologies player with top-tier clients, favorable revenue mix, strong financial performance, and robust management. We pride ourselves in helping in the Data Discovery, Insights and Monetization for organizations. We offer quality of work, opportunities to learn new platforms/technologies that will help young engineers put themselves ahead in their careers compared to their peers in the IT Services industry. CLOUDSUFI is a Data Science and Product Engineering company building Products/Solutions for Technology and Enterprise industries leveraging the advent of Cloud Hyper Scalers and AI/ML, NLP technologies. The organization is built to scale with strong external/ internal tech capabilities and governance standards. Started in 2019, CLOUDUSUFI is a family of 250 members working towards a common goal of making the enterprise data dance. To know more, please visit https://cloudsufi.com

ABOUT THE ROLE

InfoSec Engineers will participate in all phases of a typical DevOps pipeline: plan, code, build, test, release, and deploy. He/she will be scanning our networks, applications, and containers (images). In addition to the Vulnerability Management platform, this individual will support and/or serve as a backup for AWS WAF, Guard Duty, PagerDuty, and CloudFlair security platforms.

This Includes: ● Work independently with vendors and collaborate with colleagues ● -Experience on monitoring and operation of AWS cloud infrastructure ● -Experience with AWS automation tools Terraform ● -Analyzing, Troubleshooting and resolving issues with the cloud monitoring tools as Datadog and Cloudflare ● -The ability and skill to train other people in procedural and technical topics ● -Strong communication and collaboration skills

ABOUT YOU ● 3+ years’ experience with Tenable.io platform ● 3+ years’ experience with AWS orchestration via Terraform script ● 3+ years’ experience with CloudWatch/CloudTrail/Guard Duty ● 3+ years’ experience with AWS WAF ● 3+ years’ experience with CloudFlare ● 2+ years’ experience with DataDog ● Experience with PagerDuty ● Ability to make nuanced threat assessments ● Experience with the NIST family of Information Security-related publications including 800-37, 800-30, and 800-53 ● Significant experience with PCI, SOC2, SOX, HIPAA, or other compliance regimes Salary: Best as per Industry Standards

• Extensive experience in designing, building & supporting Azure Managed Services Operations.
• Good understanding of Azure IaaS and PaaS services (Azure VMs, App Service, VM Scale set, Storage, Web App, Function App, Logic App, SQL instance, Data factory, Key vault, API management service etc.).
• Good understanding of Azure networking, vNet, NSG, various load balancing services, VPN, Express Route and firewalls in cloud environment.
• Knowledge on Cloud Adoption Framework.
• Hands on Experience in migration of various workloads to Azure from on-prem sources like VMware, Hyper-V, Physical Servers and from other Clouds.
• Knowledge of Azure Backups and ASR (Azure Site Recovery).
• Strong Knowledge on Containerization and Orchestration (Docker, Kubernetes, AKS).
• Powershell Scripting, Azure CLI, ARM templates writing, setup automation for resources provisioning and other IaC tools like terraform, Ansible is an added advantage.
• Knowledge on Azure automation and Automation Desire State Configuration.
• Knowledge on Azure Devops or GIT Actions on CI/CD pipeline configuration.
• Strong experience in configuring, maintaining, and troubleshooting Microsoft based production systems.
• Aspire to learn and be able to pick up latest technical advances in Azure and be able to implement it.
• Certificate on Azure Administrator & Azure Architect has added advantage.

What will you do?

• Act as senior level escalation point for technical remediation of incidents and service requests.
• Work as L2 resource in AWS Cloud infrastructure and system administration team providing technical support and resolving issues
• Troubleshoot technical issues faced which could be related to external interfaces, networking, application and Ubuntu configuration, IIS Configuration, Linux Servers etc.
• Resolving urgent and immediate requests by support team in a vibrant and demanding environment.
• Test upgrades and patches from development team prior to client rollout
• Document the Interface testing and other details, update and complete all handovers.
• Coordinate directly with on-site IT, vendors, off-site helpdesks over email or phone calls to complete technical assignments.
• Do audit of new implemented properties for initial few weeks and identify the repeated issues reported by property.

Technical Competencies you’ll possess:

• Strong Linux and Windows Administration skills
• In depth knowledge of the windows servers & Linux servers.
• Good understanding of AWS Cloud Infrastructure, Networking, Firewall, Infrastructure, SQL and IIS Configuration, Ubuntu Configurations and MySQL.
• Working knowledge of interfaces and integrations of systems.
• Enhanced troubleshooting skills.
• Possess a good understanding of Internet based technologies including DNS, Security, IP Routing,- SSH, FTP, HTTP/HTTPS, Email Routing, etc.

Job Responsibilities:

Experience: 8 Yrs to 12 Yrs

1. Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
2. Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
3. have done any submission on Bug crowd or Bug Bounty.
4. have developed tools or scripts for web pen test on GitHub.
5. Certified on OSCP
6. Threat Modeling
7. Network scan in stealth mode or simple scan using Nmap and Burp suite

Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.

Developing different ways to solve the existing threats and security issues.

Configuring and implementing intrusion detection systems and firewalls.

Security product development, testing, and implementation.

Responsible for security technology research, penetration testing, and vulnerability scanning.

Please follow the below inputs.

The shift will starts from 03:00 PM to 12 AM (fixed for few months),

OSCP certification(Not mandatory, preferable)

Below are the primary key skills:

Total Application Security Experience:

Total Security Architecture Experience:

IOT(optional)

MOBILE

WEB

AWS(Mandatory)

NETWORKING

THREAT MODELS