The Incident Response (IR) Lead manages a team of experts with diverse skill sets including Security Operations Center (SOC), Forensics, and technical Subject Matter Expert (SME) advisory. The IR Lead is specifically tasked with managing all aspects of an Incident Response engagement to include incident validation, monitoring, containment, log analysis, system forensic analysis, and reporting. The Incident Response Lead is also responsible for building the relationship with the client and client’s counsel and ensuring the engagement’s objectives and expectations are met and executed successfully as documented in the statement of work. You will leverage a solid foundation of technical expertise in Cybersecurity, Incident Response, and Digital Forensics to successfully execute your responsibilities.
ROLES AND RESPONSIBILITIES
· Accurately collects information from the client concerning the incident to include but not be limited to the client’s environment, size, technology, and security threats. In addition, the IR Lead is responsible for capturing all client’s expectations and objectives throughout the engagement to ensure successful delivery.
· Serves as the main point of contact, managing and participating in all communications with the client and the client’s counsel during the engagement. The IR Lead sets the cadence for communications.
· Management and coordination of all technical efforts for the IR engagement to drive the process forward through tool deployment, ransomware decryption, restoration and recovery efforts, system rebuilds, and system, application, and network administration tasks.
· Coordinates with the Ransom Specialist when ransom negotiations are needed. Ensures updates regarding ransom status are delivered to the client and counsel in a timely fashion.
· Manages and coordinates the onsite efforts with the Onsite Lead or team, ensuring they understand and can execute the objectives for the onsite work. Additional responsibilities with onsite efforts include ensuring communications are frequent, getting the daily onsite update, and communicating it back to the IR Director and/or IR Ops Associate for their Tiger Team.
· Ensures the Forensic Lead is coordinating the collection of data necessary for the investigation.
· Ensures SentinelOne is deployed on time and adding value.
· Communicates with sales when appropriate for SentinelOne and provides client contact.
· Communicates in tandem with the Forensic Lead pertinent findings to the client during the investigation.
· Follows up with the SOC Lead on SentinelOne alerts and encourages/coordinates client participation with the product.
· Accountable for final report review, ensuring the report is accurate, professional, and meets the objective of client counsel.
· Other duties as assigned.
DISCLAIMER The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
Role Description : Skills & Knowledge
1. Experience leading scoping calls
2. Strong background and practical hands-on experience with Windows or Linux System and Network Administration, Security DevOps, Incident Response and Digital Forensics, or Security Engineering
3. Practical experience performing in a functional role including but not limited to one or more of the following disciplines: computer forensics, Incident Response, data analytics, Security Operations, and Engineering, Digital Investigations
4. Possesses strong verbal and written communication skills
· Bachelor's degree in Computer Science, Computer Engineering, Information Assurance, Forensic Sciences, or related technical field; Graduate degree preferred
· 10+ years experience leading full-cycle incident response investigations and communicating with the client/counsel/carriers
· Must be eligible to work in the US without sponsorship
WORK ENVIRONMENT While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of this job.
· No physical exertion is required.
· Travel within or outside of the state.
· Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects.
A BIT ABOUT US
Appknox is one of the top Mobile Application security companies recognized by Gartner and G2. A profitable B2B SaaS start-up headquartered in Singapore & working from Bengaluru.
The primary goal of Appknox is to help businesses and mobile developers secure their mobile applications with a focus on delivery speed and high-quality security audits.
Appknox has helped secure mobile apps at Fortune 500 companies with Major brands spread across regions like India, South-East Asia, Middle-East, US, and expanding rapidly. We have secured 300+ Enterprises globally.
We are a 30+ incredibly passionate team working to make an impact and helping some of the biggest companies globally. We work in a highly collaborative, very fast-paced work environment. If you have what it takes to be part of the team, we are excited and let’s speak further.
To join the security team engaging with multiple clients, helping them with end to end security audits, also research about new topics and vulnerabilities to be added to the scanner, present it in conferences.
What An Ideal Candidate Would Look Like:
- Skills - Application Penetration Testing (Web, iOS and Android), experience with IoT testing, source code audits.
- Technology Stack: AWS, GCP, Objective C, Java, Python
- Responsibilities: Engage with clients for scoping call, perform security audits, remediation call with clients to patch the issues, research on new technologies/vulnerabilities
- Should have at least 2 years experience in security or show something that proves experience doesn’t matter
- Strong Analytical Skills
- Strong grasp of fundamentals of information security
- Self-taught learner willing to read and keep up-to-date on technological changes and how they could be used
- Can accurately define an issue and create detailed Proof-of-concept and write-up of the findings.
- Provide appropriate remediation and mitigations of the identified vulnerabilities.
- Security assessment of web/mobile/cloud application on various platforms
- Focusing on Mobile Application Security
- Static and Dynamic Code Analysis
- Develop and interpret security standards and guides
- Automation of security test cases
- Understand and explain the results with impact on business and compliance status
- Continuously learning and training on latest tools and techniques
Within 1 month
Training on processes, security workflow
Within 3 months
Pentesting web, mobile, API endpoints
Within 6 months
Research and publish whitepapers, contribute to the Appknox Scanner
Personality traits we really admire:-
- A confident and dynamic working persona, which can bring fun to the team, and a sense of humour, is an added advantage.
- Great attitude to ask questions, learn and suggest process improvements.
- Has attention to details and helps identify edge cases.
- Highly motivated and coming up with fresh ideas and perspective to help us move towards our goals faster.
- Follow timelines and absolute commitment to deadlines.
Interview Process -
- Round 1 Interview - Profile Evaluation; HR
- Round 2 - Testing Assignment
- Round 3 - Technical Interview with security team members
- Round 4 - Technical Interview with the CTO and Team Lead
- Round 5 - HR Round
- As per industry standards
Why Join Us:-
- Freedom & Responsibility: If you are a person who enjoys challenging work & pushing your boundaries, then this is the right place for you. We appreciate new ideas & ownership as well as flexibility with working hours.
- Great Salary & Equity: We keep up with the market standards & provide pay packages considering updated standards. Also as Appknox continues to grow, you’ll have a great opportunity to earn more & grow with us. Moreover, we also provide equity options for our top performers.
- Holistic Growth: We foster a culture of continuous learning and take a much more holistic approach to train and develop our assets: the employees. We shall also support you all on that journey of yours.
- Transparency: Being a part of a start-up is an amazing experience one of the reasons being open communication & transparency at multiple levels. Working with Appknox will give you the opportunity to experience it all first-hand.
- Health insurance: We offer health insurance coverage up to 5 Lacs for you and your family including parents.
We are looking for cloud solution professionals with the following skill sets:
Experience: 10+ years in cloud architecting
- Analyze and understand customer business processes and workflows, define requirements and design appropriate solutions.
- Provide end-to-end cloud solutioning along with secured infra
- Collaborate with vendors for the execution
- Good understanding of open source stack frameworks, AWS & Azure Cloud services
- Solutioning extending from green field to enterprise view
- Presentation skills with a high degree of comfort with both large and small audiences.
- High level of comfort communicating effectively across internal and external organizations
- Intermediate/advanced knowledge of the cloud services, market segments, customer base and industry verticals.
- Demonstrated experience leading or developing high quality, enterprise scale software products using a structured system development life cycle.
- Demonstrated ability to adapt to new technologies and learn quickly.
- Certified Solutions Architect (AWS / Azure)
- Recommendations on security, cost, performance, reliability and operational efficiency to accelerate challenging, mission-critical projects
- Experience migrating or transforming customer solutions to the cloud
Primary Skills :
Java / J2EE; Spring, Spring Boot, Microservices, AngularJS, Instream data handling, Elasticsearch DB, MongoDB; DevOps tools: Jenkins, GitHub, Maven build; hands-on AWS & Azure cloud services; Mobile: native and hybrid app hands-on; Docker containers, AKS, Big data and HBase, Data Lake, service bus, AD
Secondary Skills :
- Extensive experience in Microservices, Rest Services, JPA, Automated unit testing through tools.
- Proven design skills and expertise is required.
- Good knowledge of current / emerging technologies and trends.
- Good analytical, grasping and problem solving skills. Excellent written and verbal communication skills. High levels of initiative and creativity.
- Good communication skills with all stakeholders, good team player with ability to mentor juniors
At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides a global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.
- Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
- You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
- You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
- You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
- You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
- Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members
- BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
- Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
- Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
- Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
- Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
- Good understanding of complexities and security challenges in large-scale distributed systems
- Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
- Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
- Excellent written and verbal communication skills
- Strong interpersonal, team building, and mentoring skills
• Deliver and support the deployment of Red Hat Ansible Automation Platform automation for enterprises
• Design, create, and deliver content that will enable support automation solutions at scale
• Working experience (min 6 months) in Ansible, RESTful APIs
• Experience implementing a continuous integration (CI) or continuous development (CD) pipeline
• Intermediate-level scripting skills or Python
• Very good analytical/problem solving skills
• Working experience in any one virtualized platform (VMware/Red Hat/Microsoft)
• Infrastructure (server/storage/network) management experience (desirable)
• Relational Database concepts (desirable)
• Understanding of cloud concepts
• 3+ Years of Hands-on Red Hat Ansible Automation Platform & DevOps Experience
● Extensive experience of Linux, including familiarity with C, UNIX system calls, and low-level O/S and network protocols. Also block, file and object storage protocols.
● Experience of using a modern configuration management system (examples such as Ansible, Salt Stack, Puppet, or Chef) to automate the management of a large-scale Linux deployment.
● Effective troubleshooting skills across hardware, O/S, network, and storage.
● Ability to write robust, maintainable code in Python and/or Perl.
● Experience working in a large, multi-national enterprise in any industry vertical, showing experience of communicating and collaborating in globally distributed teams.
● Enthusiasm for modern development tools and practices including Git, Jenkins, automated testing, and continuous integration.
● Experience of designing, implementing and supporting large scale production IaaS platforms.
● Knowledge of building and managing Docker containers in a secure manner.
We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.
Roles & Responsibilities:
- Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
- Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
- Managing penetration tests and security reviews for core applications and APIs.
- Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
- Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
- Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
- Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
- Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
- Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
- Investigate privacy breaches.
- Educate employees on data privacy & security.
- Prioritize security requirements based on their severity of impact and product roadmap.
- Maintain a balance of security and business values across the organisation.
- Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
- Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
- Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
- Experience in Log Management, Security Event Correlation, SIEM.
- Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.
Good to Have Skills:
- Online Fraud Prevention.
- Bug Bounty experience.
- Security Operations Center (SOC) management.
- Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
- Experience / Knowledge on tools like Fortify and Nessus.
- Experience in handling logging tools on docker container images (ex. Fluentd).
Are you the one? Quick self-discovery test:
- Love for the cloud: When was the last time your dinner entailed an act on “How would ‘Jerry Seinfeld’ pitch Cloud platform & products to this prospect” and your friend did the ‘Sheldon’ version of the same thing.
- Passion: When was the last time you went to a remote gas station while on vacation and ended up helping the gas station owner saasify his 7 gas stations across other geographies.
- Compassion for customers: You listen more than you speak. When you do speak, people feel the need to listen.
- Humor for life: When was the last time you told a concerned CEO, ‘If Elon Musk can attempt to take humanity to Mars, why can’t we take your business to run on the cloud?’
So what are we looking for?
- Experience in On-premises to AWS cloud Migration.
- Linux and Windows servers knowledge.
- Application knowledge like Java, .net, Python, Ruby.
- On-premises to Cloud migration assessment experience as a must.
- Able to provide a detailed migration analysis report and present it to the customer.
- Creative problem-solving skills and superb communication skills.
- Respond to technical queries / requests from team members and customers.
- Ambitious individuals who can work under their own direction towards agreed targets/goals.
- Ability to handle change and be open to it along with good time management and being able to work under stress.
- Proven interpersonal skills while contributing to team effort by accomplishing related results as needed.
- Maintain technical knowledge by attending educational workshops, reviewing publications.
- Managing initiatives for migration and modernization in AWS cloud environment
- Leads and builds Modernization architecture solution from (on-prem or VMWare) into modern platform (Cloud AWS) through modular design by understanding application components
- Leads and SME in Modernization methodology and can lead the Design thinking workshop, method tailoring as Client environment and Client industry
- The 6 most common application migration strategies below required
- Re-host (Referred to as a “lift and shift.”)
- Re-platform (Referred to as “lift, tinker, and shift.”)
- Re-factor / Re-architect
- Retain (Referred to as re-visit.)
- Application migration analysis experience like application compatibility on the cloud, Network, security support on cloud.
- Is Education overrated? Yes. We believe so. But there is no way to locate you otherwise. So we might look for at least a Bachelor’s or Master's degree in engineering from a reputed institute or you should be programming from 12.
- And the latter is better. We will find you faster if you specify the latter in some manner. Not just a degree, but we are not too thrilled by tech certifications too :)
- Architects with 10+ total and 6+ years of experience on Modernization applications and led Architecture initiatives on AWS Modernization.
- Managed and implemented at least 5 engagements modernizing client applications to AWS Cloud and on WebSphere and Java/J2EE or .NET.
- Experience on using DevOps tools during Modernization.
- Complete in-depth experience and knowledge of AWS as a product and its components.
- AWS certification would be preferred.
- Experience in Agile fundamentals and methodology.
Why are we building UrbanClap?
The local and home services industry is very fragmented and unorganized. Prior to UrbanClap, hiring a plumber, beautician, yoga trainer, math tutor etc. was a painful process. There were no standards, no concept of trust, pricing inefficiencies etc. In a nutshell, the industry was shackled in the “yellow pages” era, and had seen no fundamental innovation for far too long.
The UrbanClap team is young and passionate, and we see a massive disruption opportunity in this industry. By leveraging technology, and a set of simple yet powerful processes, we wish to build a platform that can organize the world of services - and bring them to your fingertips. We believe there is immense value (akin to serendipity) in bringing together customers and professionals looking for each other. In the process, we hope to impact the lives of millions of service entrepreneurs, and transform service commerce the way Amazon transformed product commerce.
1. Lead the IT Network Security function at Urban Company and serve as the subject matter expert to manage the overall IT security infrastructure. The candidate will report directly to the Head of Workplace Infrastructure.
2. Maintaining firewalls, virtual private networks, web protocols, and email security
3. Develop the Incident management protocols to troubleshoot and repair network-related problems, system failures, switching/routing, etc.
4. Ensure the infrastructure is properly monitored within set thresholds and that alerts regarding network outages are addressed in a timely manner
5. Identify/diagnose network configuration and/or performance irregularities.
6. Determining latest technologies and processes that improve the overall security infrastructure.
7. Manage vendors and critical system AMCs
1. Strong hands on experience on Network Hardware like Cisco Meraki, Juniper switches, Sophos XG firewall and other firewalls
2. Good understanding and knowledge of Network and Security
3. Knowledge of network monitoring tools
4. Strong practical knowledge of network concepts including DNS, DHCP, VPN, NAT, ACL, Access Groups, IPsec, AAA network protocols, port configuration, link aggregation, spanning tree optimization, traffic Shaping, and performance tuning.
5. Basic knowledge of Linux/Unix command line, Windows batch scripts
6. Decode the error/alarm status, understand the failed unit/device and provide hands and feet support in resolution through strong hardware and networking troubleshooting techniques
7. Maintain an updated document for LAN and WAN network diagrams with relevant details
8. Monitor routers and interface statistics for up/down status along with router CPU utilization and log monitoring (study CPU usage, memory usage, fine-tuning, availability, throughput, and latency), test for weaknesses, and recommend upgrades
9. Provide comprehensive and up-to-date documentation and inventories of Network assets, Services procedures, and configurations to ensure that maintenance and continuity of the Service is achievable in a timely manner
10. Define Security Concept deployment, Security Policies for Urban Company