Experience:- Overall 10 to 12 years of experience of which atleast 5 to 7 years’ experience should be in Information Security. Mandatory is 5 to 7 years’ experience in Information security and with one full end to end implementation experience.
Base location: - Bengaluru - Must
Requirements: -
- Mandatory - ISO 27001:2013 lead implementor certified
- Mandatory - ISO 27001:2013 lead auditor certified (but if it is a good candidate, we can still consider)
- Good to have – CISA, CISM, Risk management certification, Privacy certifications.
- Mandatory - Atleast one end to end implementation experience of ISO 27001 standard. The candidate should have a good implementation knowledge of ISO 27001, ISO 27002 standards and is required to implement the ISO requirements and run the ISMS program for multiple countries.
- This immediate requirement is for implementing the ISMS program for our Canadian office location. The candidate should be willing to work from Bengaluru in EST time zone during this implementation phase whenever required.
- Good documentation skills.
- Develop, implement, maintain, review and continually improve Information Security policies.
- Good understanding and knowledge of applicable legal and regulatory requirements as relevant to information security.
- Manage and maintain a risk register / risk database along with risk treatment plans.
- Good understanding of physical and environmental security.
- Conduct Internal Audits based ISO 27001 standards and Personal Data Protection policies. A good experience in independently conducting Internal and supplier audit with respect to information security.
- Provide training to the employees on Privacy & Information Security Management System on regular intervals.
- The greater part of the job involves interacting with people, interviewing them / auditing, Preparing audit reports, discussing / persuading / influencing.
- Mandatory: Good verbal and written communication skills. Eye for details.
- Good presentation skills.
- Since this is a trusted role, candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience.
Subodh Popalwar
Software Engineer, Memorres
About Emids Technologies
Emids Technologies is an IT services organization specializing in US healthcare. Our purpose is to use technology to make global healthcare accessible, affordable and of high-quality.
Established in 1999, emids employees over 2000+ employees spread across 3 continents. We are headquartered out of Nashville, Tennessee and have a presence in UK and India. In India we have 3 delivery centres in Bangalore and one delivery centre in Hyderabad which will largely cater to product engineering and R&D type of work, we started our office in Noida location also.
Emids has worked extensively on agile based product engineering using modern technologies providing solutions into healthcare technology, life sciences, payers and providers. In September 2019, Emids announced a partnership with New Mountain Capital.
100% of our revenue comes from the Healthcare domain. We support all different segments of the Healthcare vertical – Payers, Providers and Lifesciences organizations developing products for the Healthcare companies. emids is a leader in the Healthcare space and we have received numerous industry accolades. Emids has been rated as one of the top 50 fastest-growing firms in middle Tennessee. We are also one of the top 3 Healthcare IT co.’s in Nashville. Over 90 million lives are touched by clinical systems built by us. Systems built by us record over 2 million daily transactions. 3 of the top 5 payers use us. Epic and Cerner, 2 of the world’s most prominent EHR systems have signed us as their premium partners.
Healthcare organizations largely use Emids to help develop their application and product roadmap. Our strong domain knowledge coupled with a very strong development and R&D mindset has established us as a niche Healthcare IT co. focussed on innovation. Bulk of the work that we do is in the application or product development space.
JavaWorking at the intersection of design, engineering and domain expertise, our passionate team of problem solvers work closely with customers to blaze new trails that will positively impact the future of health.
Using technology and insights, we move nimbly and provide trusted advice, seeking ways to amplify results.
We focus on what matters. Creating transformative outcomes for patients, providers and partners.
We’re committed to bettering healthcare and empowering wellness.
Similar jobs
Overseeing all technology operations including Software, Networking,
Hardware and Security along with evaluating them according to
established goals.
• Devising and establishing IT policies and systems to support the
implementation of strategies set by upper management with plans for
redundancy, zero to no downtime and constantly improving business operations
and processes
• Analyzing the business requirements of all departments to determine their
technology needs.
• IT Head manage and supervise an organization's technical operations which
includes overseeing IT department employees and ensuring all technology.
systems and applications support the organization's goals and objectives.
• IT Head should have in-depth knowledge of new software development, able
to prepare Wire frame design & Architecture, able to design and describe
SOW for all new IT software development.
• Overseeing all IT operations infrastructure.
• Developing, implementing, and evaluating IT projects in line with
organizational objectives.
• Liaising with other departments to determine and address their IT needs and
requirements.
• Managing and supervising employees in the IT department.
• Ensuring the maintenance of current projects and technology systems.
• Identifying vulnerabilities, the need for upgrades, and opportunities for
improvement.
• Proposing strategic solutions and recommending new systems and software.
• Preparing financial budgets and performance reports.
• Building and maintaining relationships with external advisors and vendors.
• Ensuring reported issues are resolved in a timely manner.
IT AVP Requirements:
• A bachelor's degree in computer science or a related field.
• A master's degree in computer science is preferred.
• Proof of continued education, such as software certifications, is desirable.
• Experience with ERP, CRM, Business Intelligence, Warehouse Management
(WMS)/Supply Chain Management (SCM), Cloud Storage (Azure/AWS), DAM, MS
365, Marketing Automation and other business applications
• Knowledgeable in successful API integration of CTI and other communication
technologies like whatsapp with business applications
• Identifying vendors, developing SOW and wireframes, successfully managing projects
to completion for Websites (js/node/react/shopify/wordpress etc) and application
development
• Use of low code/no node application development in MS platforms would be
desirable
• At least 3 to 5 years of experience.
• Excellent written and spoken communication and interpersonal skills.
• Strong leadership and project management skills.
• Solid analytical and problem-solving skills.
Job Summary:
The Incident Response (IR) Lead manages a team of experts with diverse skill setsincluding Security Operations Center (SOC), Forensics, and technical Subject Matter Expert (SME) advisory. The IR Lead is specifically tasked with managing all aspects of an Incident Response engagement to include incident validation, monitoring, containment, log analysis, system forensic analysis, and reporting. The Incident Response Lead is also responsible for building the relationship with the client and client’s counsel and ensuring the engagement’s objectives and expectations are met and executed successfully as documented in the statement of work. You will leverage a solid foundation of technical expertise in Cybersecurity, Incident Response, and Digital Forensics to successfully execute your responsibilities.
ROLES AND RESPONSIBILITIES
· Accurately collects information from the client concerning the incident to include but not be limited to the client’s environment, size, technology, and security threats. In addition, the IR Lead is responsible for capturing all client’s expectations and objectives throughout the engagement to ensure successful delivery.
· The main point of contact manages and participates in all communications with the client and the client’s counsel during the engagement. The IR Lead sets the cadence for communications.
· Management and Coordination of all technical efforts for the IR engagement to drive the process forward through; tool deployment, ransomware decryption, restoration, and recovery efforts, system rebuilds, system, application, and network administration tasks.
· Coordinates with the Ransom Specialist when ransom negotiations are needed. Ensures updates regarding ransom status are delivered to the client and counsel in a timely fashion.
· Manages and coordinates the onsite efforts with the Onsite Lead or team ensuring they understand and can execute the objectives for the onsite work. Additional responsibilities with onsite efforts include ensuring communications are frequent and getting the daily onsite update communicating these back to the IR Director and/or IR Ops Associate for their Tiger Team.
· Ensures the Forensic Lead is coordinating the collection of data necessary for the investigation.
· Ensures SentinelOne is deployed on time and adding value.
· Communicates with sales when appropriate for SentinelOne, provide client contact.
· Communicates in tandem with the Forensic Lead pertinent findings to the client during the investigation.
· Follows up with the SOC Lead on SentinelOne alerts and encourages/coordinates client participation with the product.
· Accountable for final report review, ensuring the report is accurate, professional, and meets the objective of client counsel.
· Other duties as assigned.
DISCLAIMER The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required personnel so classified.
Role Description : Skills & Knowledge
1. Experience leading scoping calls
2. Strong background and practical hands-on experience with Windows or Linux System and Network Administration, Security DevOps, Incident Response and Digital Forensics, or Security Engineering
3. Practical experience performing in a functional role including but not limited to one or more of the following disciplines: computer forensics, Incident Response, data analytics, Security Operations, and Engineering, Digital Investigations
4. Possesses strong verbal and written communication skills
JOB REQUIREMENTS
· Bachelor's degree in Computer Science, Computer Engineering, Information Assurance, Forensic Sciences, or related technical field; Graduate degree preferred
· 10+ years experience leading full-cycle incident response investigations and communicating with the client/counsel/carriers
· Must be eligible to work in the US without sponsorship
WORK ENVIRONMENT While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of this job.
PHYSICAL DEMANDS
· No physical exertion is required.
· Travel within or outside of the state.
· Light work: Exerting up to 20 pounds of force occasionally, and/or up-to 10 pounds of force as frequently as needed to move objects.
Security (AM/Executive)
• To design the security infrastructure / policies for the organisation, implement & monitor the same
• To ensure security compliance with respect to recommendations received from government agencies like CEA, NCIIPC
• Design, review, implement & monitor IT security related controls as part of Internal
• Controls, IFC, ERM
• ISMS certification (ISO 27001) for IT systems; this will include preparation and periodic review of policies and SOPs, regular trainings and maintaining records in prescribed formats
• Conducting internal security audit and generating reports by deploying VA tools
• Periodic security/VAPT audits and implementation of the findings
• IT security related new initiatives like - Security Operations Centre (SOC), Security Information and Event Management (SIEM), cloud security, EMM-enterprise mobility management
• Creating IT Security awareness within the organisation
achelor of Engineering or Technology; or any degree on par;
· 12-15 years of Experience in security and similar areas solution/product development, design, etc
· Minimum 7-8 years of experience in an Enterprise or Cyber Security practice dedicated role
· Experience in Enterprise deployment of security with in depth knowledge of security, implementing security solutions and working closely with global customer accounts.
· Proficient with concepts like SOC, OWASP Top 10 etc
· Understanding of Enterprise Cyber security models like Mitre ATTACK and roadmap modelling.
· Excellent analytical and problem-solving skills to drive product development
· Excellent communicator, whether writing, speaking or presenting
· Experience gathering and analysing data to create useful metrics that support positive change
CWhat are we looking for?
An enthusiastic individual with the following skills. Please do not hesitate to apply if you do not match all of it. We are open to promising candidates who are passionate about their work and are team players.
Key Responsibilities & expectations from the candidate
- Must have strong experience in Information Security Management system(ISMS), creation of policy, procedures and implementation.
- Operates as a key contributor to the RFP, Third-Party Risk assessment, cloud security assessment etc.
- Lead the strategic and tactical development of information security framework, risk management and new compliance initiatives
- Subject matter expertise in ISO 27001, SOC2, CCPA, CPRA, GDPR, PCI DSS and HIPAA.
- Must have a strong experience in the documentation process and reviewing MSA, SCC, SLA & DPA.
- Good knowledge of BCP/DR, Incident response, VA/PT and Audit methodologies of various compliance frameworks.
- Good knowledge of Access management, Network, Application Security, Encryption, Backup, Physical Security, ISMS Training & Awareness etc..
- Ability to deal with the customers and vendors on Security and privacy matters.
- Knowledge of Core IT processes, SDLC, network infrastructure will be useful.
Personal Attributes
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues
- Ability to present ideas in business-friendly and user-friendly language.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Highly self-motivated and hardworking.
Qualification and certification
- Bachelor’s/master's degree in Security, Computer Science, Management Information Systems, Engineering or related field.
- Should be at least ISO 27001 lead auditor or lead implementer.
- 3+ years of related work experience in information security governance, risk and compliance (GRC) or relevant compliance roles in the SaaS industry.
What can you look for?
A wholesome opportunity in a fast-paced environment that will enable you to juggle between concepts, yet maintain the quality of content, interact, and share your ideas and have loads of learning while at work. Work with a team of highly talented young professionals and enjoy the benefits of being here.
We are
It is a rapidly growing fintech SaaS firm that propels business growth while focusing on human motivation. Backed by Giift and Apis Partners Growth Fund II, Company offers a suite of three products - Plum, Empuls, and Compass. Company works with more than 2000 clients across 10+ countries and over 2.5 million users. Headquartered in Bengaluru, Company is a 300+ strong team with four global offices in San Francisco, Dublin, Singapore, New Delhi.
Way forward
We look forward to connecting with you. As you may take time to review this opportunity, we will wait for a reasonable time of around 3-5 days before we screen the collected applications and start lining up job discussions with the hiring manager. We however assure you that we will attempt to maintain a reasonable time window for successfully closing this requirement. The candidates will be kept informed and updated on the feedback and application status.
Amazon Web Services (AWS)Job Responsibilities:
Experience: 8 Yrs to 12 Yrs
- Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
- Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
- have done any submission on Bug crowd or Bug Bounty.
- have developed tools or scripts for web pen test on GitHub.
- Certified on OSCP
- Threat Modeling
- Network scan in stealth mode or simple scan using Nmap and Burp suite
Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.
Developing different ways to solve the existing threats and security issues.
Configuring and implementing intrusion detection systems and firewalls.
Security product development, testing, and implementation.
Responsible for security technology research, penetration testing, and vulnerability scanning.
Please follow the below inputs.
The shift will starts from 03:00 PM to 12 AM (fixed for few months),
OSCP certification(Not mandatory, preferable)
Below are the primary key skills:
Total Application Security Experience:
Total Security Architecture Experience:
IOT(optional)
MOBILE
WEB
AWS(Mandatory)
NETWORKING
THREAT MODELS
• Evaluate the organization’s security needs and establish best practices and standards accordingly.
• Designing, implementing, maintaining, overseeing, and upgrading all security measures needed to protect organizations’ data, systems, and networks.
• Responding to all security breaches to the network and associated systems.
• Troubleshooting all network and security issues and incidents.
• Routinely conduct penetration testing.
• Taking appropriate security measures to ensure that the organization's infrastructure and existing data are kept safe.
• Conducting testing and scans to identify any vulnerabilities in the network and system.
• Taking an active role in the change management process.
• Assist in any security breach investigations.
• Handling routine daily administrative tasks such as reporting and keeping open lines of communication with the organization’s appropriate departments.
NOTE- we are looking for hose who can join immediately or within notic period of 15-20days.
location_;Hyderabad
(wfh till pandemic)
JOB DESCRIPTION
• Job Scope
o Analyse incident in our security devices, conducting investigation and finding the
root cause of incidents.
o Managing endpoint detection security system
o Managing, configuration and fine tuning of on-prem firewall and WAF
o Provide and advise IT team on security and IT related issues such as network
configuration, firewall configuration, etc
o Ensuring all utilized cloud services are secured and the configuration comply to best
practices benchmark
o Communicate risk and recommendations to mitigate risk to the senior
administration by communicating in non-technical format
o Assists other department to ensure regulatory compliance to any necessary
compliance
• Minimum Requirements
o At least 2 years of experiences in managing endpoint detection system, WAF and
FW.
o Hands on experience on cloud environment preferably Microsoft Azure.
o Bachelor’s degree of any IT related courses.
o Strong understanding of incident detection and response process and procedure
o Strong knowledge in networking and in operating system such as
Linux/Unix/Windows
We are looking for candidates with the below experience.
- Mandatory experience on any of
a) Cylance Protect and Optics
b) Crowdstrike Falcon Insight
c) Sentinel One ActiveEDR
d) Carbon Black EDR
- Hands-on experience in security incident response lifecycle and its phases
- Should have experience in L1 and L2 in EDR
- Hands-on experience in event and log analysis on Windows endpoints
- Overall experience: 3-7 years, Relevant experience: 2+ years
Please note : Candidate should have experience in the below skills must :
- EDR Experience
- EDR Product Worked on and which level of support they are working on
- Incident Response
- Malware Analysis
- Flexible for shifts
Follow CutshortSubodh Popalwar
Software Engineer, Memorres