IT Security Specialist
Roles and Responsibilities
- Extensive experience of 2-5 years in Vulnerability Assessment and Penetration testing, Web Application security.
- An Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, CSRF, authentication/authorization, OWASP top 10 issues.
- Must have working experience in OWASP Top 10 Vulnerabilities Testing in Web applications.
- Create policy and standards for developers and testers to secure programming in the organization. (secure code review, static application security testing.
- Experience on both commercial and open source tools Cenzic Hailstorm, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP. Assessing cloud security risk (AWS and Azure) and recommending appropriate security controls.
- Ability to interact with project teams to understand the security requirements and come up with solutions
- Extensive knowledge of managing Web Application Firewall (Product) including rules management and product administration
- Strong understanding of networking concept.
Desired Candidate Profile
- Excellent knowledge of Microsoft Windows operating environments and with special attention to security and hardening issues.
- Able to work independently with minimal supervision.
- Good knowledge of secure software development standard, process, techniques, cloud security policies and tools.
- Keep stakeholders updated with communications and weekly reporting.
- Collaborate with Security Platform and Services teams to build and integrate existing security solutions.
- Excellent communication skills - written, verbal, presentation and interpersonal.
- Willing to learn new skills and implement new technologies.
- Should come with bachelor’s degree in engineering, mathematics or master’s in computer application / programing.
About Virtual Engineering Services Pvt Ltd
Similar jobs
L2 engineer - Palo Alto firewall experience of 3 years in handling technical support for customers.
Should have carried out technical support for clients via remote sessions other than on phone and email.
Should be able to analyze technical issues and provide resolutions.
Palo Alto firewall experience of 3 years in handling technical support for customers.
Should have carried out technical support for clients via remote sessions other than on phone and email.
Should be able to analyze technical issues and provide resolutions.
Should be able to communicate well.
Roles and responsibilities:
- Audit the current Information Security system and procedures and do a Gap analysis
- Identify immediate potential Information Security Risks and manage remediation tasks through to closure
- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap
- Design high-quality test plans and direct Data/Information security control test activities
- Continuously improve Octro Data/Information security control framework
- Maintain handbook pages and procedures related to Information security compliance
- Identify opportunities for Information security compliance control automation, execute them and then maintain
- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments
- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs
- Direct and support external audits as and when necessary
Requirements
- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs
- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.
About Octro Inc :
We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.
Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.
We are seeking a highly skilled and experienced Subject Matter Expert (SME) to join our team and provide valuable insights and analysis on our cybersecurity training content and competitors. Our business vertical focuses on delivering automated cybersecurity training through a software platform to over 1 million employees of our 150+ global customers. We cater to various industries and diverse backgrounds, with different levels of technical expertise. Thus, we create a diversified variety of content to cater to the training requirements of different user groups and personas. The SME's role will be pivotal in ensuring efficient and effective cybersecurity awareness training by creating high-quality content.
Responsibilities:
● Review and evaluate cybersecurity awareness content to ensure accuracy, relevance, and effectiveness.
● Write industry-specific technical content to cater to the diversified audience.
● Provide feedback and recommendations to improve content quality and alignment with industry standards.
● Conduct competitive analysis to identify industry trends, best practices, and potential gaps in our offerings.
● Analyze global competitor strategies and offerings to identify strengths, weaknesses, and opportunities that benefit our customers.
● Stay up-to-date with the latest cybersecurity trends and industry developments to ensure our offerings remain competitive.
● Collaborate with cross-functional teams to ensure content is aligned with marketing and sales strategies.
● Identify and refine complex security problems in a simplified and layman way.
Qualifications:
● Bachelor's degree or certifications in cybersecurity, computer science, or a related field.
● Minimum of 3-5 years of experience in cybersecurity content writing and competitive analysis.
● Strong knowledge of cybersecurity concepts and best practices.
● Experience with analyzing competitor strategies and offerings.
● Excellent communication and collaboration skills.
● Strong analytical and critical thinking skills.
● Self-motivated and able to work independently.
● Ability to adapt to changing priorities and deadlines.
If you are a cybersecurity professional with a passion for creating high-quality content and analyzing the cybersecurity industry's latest trends and developments, we encourage you to apply. Join our team and help us deliver top-notch cybersecurity awareness training to our global customers.
Role : Full-Time Individual Contributor (IC)
Reporting to : Solution Architect / Program Manager
Education : BTech/ BE / MCA / MSc Computer Science
Industry : Product Engineering Services or Enterprise Software Companies
About Us
CLOUDSUFI is a Silicon Valley-based specialist Data Engineering & Cloud Technologies player with top-tier clients, favorable revenue mix, strong financial performance, and robust management. We pride ourselves in helping in the Data Discovery, Insights and Monetization for organizations. We offer quality of work, opportunities to learn new platforms/technologies that will help young engineers put themselves ahead in their careers compared to their peers in the IT Services industry. CLOUDSUFI is a Data Science and Product Engineering company building Products/Solutions for Technology and Enterprise industries leveraging the advent of Cloud Hyper Scalers and AI/ML, NLP technologies. The organization is built to scale with strong external/ internal tech capabilities and governance standards. Started in 2019, CLOUDUSUFI is a family of 250 members working towards a common goal of making the enterprise data dance. To know more, please visit https://cloudsufi.com
ABOUT THE ROLE
InfoSec Engineers will participate in all phases of a typical DevOps pipeline: plan, code, build, test, release, and deploy. He/she will be scanning our networks, applications, and containers (images). In addition to the Vulnerability Management platform, this individual will support and/or serve as a backup for AWS WAF, Guard Duty, PagerDuty, and CloudFlair security platforms.
This Includes: ● Work independently with vendors and collaborate with colleagues ● -Experience on monitoring and operation of AWS cloud infrastructure ● -Experience with AWS automation tools Terraform ● -Analyzing, Troubleshooting and resolving issues with the cloud monitoring tools as Datadog and Cloudflare ● -The ability and skill to train other people in procedural and technical topics ● -Strong communication and collaboration skills
ABOUT YOU ● 3+ years’ experience with Tenable.io platform ● 3+ years’ experience with AWS orchestration via Terraform script ● 3+ years’ experience with CloudWatch/CloudTrail/Guard Duty ● 3+ years’ experience with AWS WAF ● 3+ years’ experience with CloudFlare ● 2+ years’ experience with DataDog ● Experience with PagerDuty ● Ability to make nuanced threat assessments ● Experience with the NIST family of Information Security-related publications including 800-37, 800-30, and 800-53 ● Significant experience with PCI, SOC2, SOX, HIPAA, or other compliance regimes Salary: Best as per Industry Standards
- Extensive experience in designing, building & supporting Azure Managed Services Operations.
- Good understanding of Azure IaaS and PaaS services (Azure VMs, App Service, VM Scale set, Storage, Web App, Function App, Logic App, SQL instance, Data factory, Key vault, API management service etc.).
- Good understanding of Azure networking, vNet, NSG, various load balancing services, VPN, Express Route and firewalls in cloud environment.
- Knowledge on Cloud Adoption Framework.
- Hands on Experience in migration of various workloads to Azure from on-prem sources like VMware, Hyper-V, Physical Servers and from other Clouds.
- Knowledge of Azure Backups and ASR (Azure Site Recovery).
- Strong Knowledge on Containerization and Orchestration (Docker, Kubernetes, AKS).
- Powershell Scripting, Azure CLI, ARM templates writing, setup automation for resources provisioning and other IaC tools like terraform, Ansible is an added advantage.
- Knowledge on Azure automation and Automation Desire State Configuration.
- Knowledge on Azure Devops or GIT Actions on CI/CD pipeline configuration.
- Strong experience in configuring, maintaining, and troubleshooting Microsoft based production systems.
- Aspire to learn and be able to pick up latest technical advances in Azure and be able to implement it.
- Certificate on Azure Administrator & Azure Architect has added advantage.
What will you do?
- Act as senior level escalation point for technical remediation of incidents and service requests.
- Work as L2 resource in AWS Cloud infrastructure and system administration team providing technical support and resolving issues
- Troubleshoot technical issues faced which could be related to external interfaces, networking, application and Ubuntu configuration, IIS Configuration, Linux Servers etc.
- Resolving urgent and immediate requests by support team in a vibrant and demanding environment.
- Test upgrades and patches from development team prior to client rollout
- Document the Interface testing and other details, update and complete all handovers.
- Coordinate directly with on-site IT, vendors, off-site helpdesks over email or phone calls to complete technical assignments.
- Do audit of new implemented properties for initial few weeks and identify the repeated issues reported by property.
Technical Competencies you’ll possess:
- Strong Linux and Windows Administration skills
- In depth knowledge of the windows servers & Linux servers.
- Good understanding of AWS Cloud Infrastructure, Networking, Firewall, Infrastructure, SQL and IIS Configuration, Ubuntu Configurations and MySQL.
- Working knowledge of interfaces and integrations of systems.
- Enhanced troubleshooting skills.
- Possess a good understanding of Internet based technologies including DNS, Security, IP Routing,- SSH, FTP, HTTP/HTTPS, Email Routing, etc.
Job Responsibilities:
Experience: 8 Yrs to 12 Yrs
- Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
- Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
- have done any submission on Bug crowd or Bug Bounty.
- have developed tools or scripts for web pen test on GitHub.
- Certified on OSCP
- Threat Modeling
- Network scan in stealth mode or simple scan using Nmap and Burp suite
Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.
Developing different ways to solve the existing threats and security issues.
Configuring and implementing intrusion detection systems and firewalls.
Security product development, testing, and implementation.
Responsible for security technology research, penetration testing, and vulnerability scanning.
Please follow the below inputs.
The shift will starts from 03:00 PM to 12 AM (fixed for few months),
OSCP certification(Not mandatory, preferable)
Below are the primary key skills:
Total Application Security Experience:
Total Security Architecture Experience:
IOT(optional)
MOBILE
WEB
AWS(Mandatory)
NETWORKING
THREAT MODELS
What is the mission of the role? |
|
You are expected (through your processes & activities) to deliver world-class customer experience. Mission: The purpose of the role is to implement and troubleshoot Information Security products of 22by7 customers either on-site or remotely. Preparing Plan of Action (PoA), Scope of Work (SoW), and implementation documents. Carry out the technical activities thus ensuring Customer Satisfaction. |
|
· Troubleshooting L1/L2/L3 tickets and submitting the RCA. · Implementing information Security products and submitting the reports. · Presenting the appropriate solutions at customer meetings. · Keeping well informed of general technical developments, company products and services. · Maintaining accurate up to date reporting using the company systems and providing ad-hoc manual reporting where required. · Ensuring that product, technical and market knowledge is kept up to date by reading literature, networking, attending training courses, liaising with other colleagues and sharing unique knowledge with the rest of the company. |
|
Who are your key stakeholders? |
|
To achieve the outcomes of the role, you key transactional stakeholders internally are: - Team Lead - Product Managers - Solutions Architects |
|
You will be expected to create strong positive relationships with the customers you work with, in a capacity to help the organization service them better. |
|
What are you accountable for? |
|
You are accountable for end-to-end solutioning for client needs, including documentation, implementation, deployment & reporting.
|
|
|
As a Partner Development Solution Architect focused on GSI partners within Aqua Security, you will have the opportunity to deliver on a strategy to build mind share and broad use of Aqua Platform across the partner community. Your broad responsibilities will include: owning the technical engagement with strategic partners, position aqua to be part of partner offerings, and assist with the creation of new technical strategies to help partners build and increase their application security practice business. You will be responsible for providing subject-matter expertise on the security of running cloud native workloads, which are rapidly being adopted in enterprise deployments. You will also drive technical relationships with all stakeholders and support sales opportunities. You will also work closely with the internal sales and partner sales team throughout the sales process to ensure all of the partners’ technical needs are understood and met with the best possible solution.
Responsibilities:
The ideal person will have excellent communications skills and be able to translate technical requirements for a non-technical audience. This person can multi-task, is self-motivated, while still interacting well with a team; is highly organized with high energy level and can-do attitude. Required skills include:
- Experience as a sales engineer or solution architect, working with enterprise software products or services.
- Ability to assess partner and customer requirements, identify business problems, and demonstrate proposed solutions.
- Ability to present at technical meetups.
- Ability to work with partners and conduct technical workshops
- Recent familiarity or hands-on experience with:
- Linux distributions, Windows Server
- Networking configurations, routing, firewalling
- DevOps eco-system: CI/CD tools, datacenter automation, open source tools like Jenkins
- Cloud computing environments (AWS, Azure, and Google Compute)
- Container technologies like Docker, Kubernetes, OpenShift and Mesos
-Knowledge of general security practices & DevSecOps
- Up to 25% travel is expected. The ideal candidate will be located in Hyderabad, India
Requirements:
- 7+ years of hands on implementation or consulting experience
- 3+ years in a customer and or partner facing roles
- Experience working with end users or developer communities
- Experience working effectively across internal and external organizations
- Knowledge of the software development lifecycle
- Strong verbal and written communications
- BS degree or equivalent experience required