o Tools:
CrowdStrike Falcon Sensor - Or similar AV engine
Cisco Umbrella Web Filtering – Or similar Web Proxy Filter
Cisco FTD Intrusion Prevention – Or similar IPS/IDS
O365 Email Protection (Spam, Phishing) - Or similar
Phish Insight (Phishing Campaigns) - Or similar phish campaign technology
Nessus Professional – Or similar vulnerability scanning tool
Cisco NGFW – Or similar FW technology
o Technologies:
Cloud (AWS IaaS, O365 SaaS),
On Premis (Windows 90%, Linux 10%)
o Processes:
Computer security incident response
Security reviews and assessments
Vulnerability management Penetration tests
Manage Level 3 security incidents and requests
Ensures compliance with corporate policies and procedures
Research new ways to improve existing technical security controls
Project SME and Lead for security related projects
Conduct Risk assessments and assist in remediation activities
Assist in internal and external audit activities
Required Experience and Skills:
Bachelor's degree in Information Security, Computer Science or Engineering
Minimum of 3 years in security engineering
Knowledge in cloud ecosystems security - Amazon AWS, Microsoft O365
Ability to work well in an international team (US or EU time zone)
English spoken and written on at least B2 level
Understanding of security monitoring and identification concepts
Assessing and understanding the impact, severity and urgency of issues
Cybersecurity Certifications an advantage but not essential: CEH, C|HFI, CISSP, CISA, CISM
Expertise across a variety of security products including those listed in requirements above
About Product services company
Similar jobs
Key Responsibility Areas:
Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex Web applications, operating systems, wired and wireless networks, and mobile applications/devices Delivering targeted and intelligence led security penetration testing through a robust testing methodology and process Craft and develop scripts, frameworks, tools, and the methods required for facilitating and executing sophisticated charges, emulating malicious actor behavior sought at avoiding detection Conduct security assessments on a wide variety of technologies and implementations Develop and maintain security testing plans Maintain and evolve a mature set of security penetration testing and internal Red Team processes covering all areas of technology Automate penetration and other security testing on networks, systems and applications Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for less experienced staff Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators Foster and maintain relationships with key stakeholders and business partners
Required Skills:
2 to 6 years of experience in information security with web application and network penetration testing experience Fluent in common cyber security domains such as cloud security, access control, encryption, identify management, security operations, application security, penetration tests, endpoint security, vulnerability management, threat intelligence Strong understanding of OWASP top 10.
Experience or knowledge of IT security risk assessments and gap analysis In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Hands on experience with testing frameworks such as the PTES and OWASP Experience of functional testing, UI/UX testing and manual testing, Load, Performance testing across multiple browsers and devices Hands-on experience in designing and writing test automation scripts using test automation frameworks and knowledge on API Testing Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
Qualification: Masters/Bachelor’s Degree
Job Title: Field Network Engineer Department
Location: IT department | IT department | Siddipet, Medak, Sangareddy, Vikarabad, Rangareddy, Narayanpet, Mahabubnagar, Wanaparthy, Nagarkurnool, Jogulamba, Gadwal, Medchal, Malkajgiri, and Hyderabad.
Reports to: Senior Network Engineer
Days/Hours of work: 9 Hrs (Monday to Saturday)
Salary Range: 2.52 LPA to 2.76 LPA
Requirement Bike and Driving License (Compulsory)
Summary of Position: - 1. Resolve, repair and install fiber optics systems and ensure that they work properly
2. Examine and replace faulty and old fiber optic cables and take care of fiber splicing and rectify fiber optic problem areas
3. Installation of Cisco router and switches
4. Installation of OLT and ONT devices
5. Cabling of Fibre optics cable.
Primary Responsibilities
- Cisco(Router & Switch)
- Network Devices (OLT & ONT)
- LAN and WAN experience
- Fiber Optics Cabling
Personal Specification
Any Graduate
Experience 0-1 year
Product Knowledge: Cisco, Router, Cisco Switch, Fiber Cable
Competencies
Language Hindi and English (Written and Oral).
- Manage and monitor all installed systems and infrastructure.
- Install, configure, test and maintain operating systems, application software and system management tools.
- Proactively ensure the highest levels of systems and infrastructure availability.
- Monitor and test application performance for potential bottlenecks, identify possible solutions and work with developers to implement those fixes.
- Maintain security, backup, and redundancy strategies.
- Provide 2nd and 3rd level support.
- Liaise with vendors and other IT personnel for problem resolution.
Security (AM/Executive)
• To design the security infrastructure / policies for the organisation, implement & monitor the same
• To ensure security compliance with respect to recommendations received from government agencies like CEA, NCIIPC
• Design, review, implement & monitor IT security related controls as part of Internal
• Controls, IFC, ERM
• ISMS certification (ISO 27001) for IT systems; this will include preparation and periodic review of policies and SOPs, regular trainings and maintaining records in prescribed formats
• Conducting internal security audit and generating reports by deploying VA tools
• Periodic security/VAPT audits and implementation of the findings
• IT security related new initiatives like - Security Operations Centre (SOC), Security Information and Event Management (SIEM), cloud security, EMM-enterprise mobility management
• Creating IT Security awareness within the organisation
- Develop efficient strategies to protect the system, the networking infrastructure, data, and information systems against potential threats/cyber risks
- Routinely performing threat analysis, system checks, and security tests
- Defining and updating information security criteria and validation procedures
- Effectively discuss to understand safety and security and fix the problems along with different stakeholders
- To be a security representative or point of contact for all technical deliveries, initiatives, and project implementations.
- To develop technical processes and procedures and promote compliance in line with regulations, corporate policies, or standards as per ISO27001
- Assess technical security risks in terms of impact on systems and service confidentiality, integrity, and availability, and report and escalate results of risk assessments.
- Report any real or potential security breaches/vulnerabilities to various stakeholders and provide technical support during incident response
- Monitor security tools to detect security events & incidents Report and escalate any security breaches to the Information Technology Security Officer
- Operate vulnerability scanning and compliance tools to identify system weaknesses
- Represent IT Security matters at technical and business forums.
Desired candidate profile :
- Relevant experience in the information security field
- Relevant experience working with ISO Policies, and GDPR guidelines.
- Strong knowledge of network architecture and security concepts related to routing
- Exceptional attention to detail
- Excellent analytical and problem-solving skills
- Great team player and able to work efficiently with minimal supervision
- Excellent communication skills, both written and verbal, work with the different stakeholders on strengthening the security risks.
- Able to handle and cope with stressful situations and understands the pressures of a start-up environment
- Develop efficient strategies to protect the system, the networking infrastructure, data, and information systems against potential threats/cyber risks
- Routinely performing threat analysis, system checks, and security tests
- Defining and updating information security criteria and validation procedures
- Effectively discuss to understand safety and security and fix the problems along with different stakeholders
- To be a security representative or point of contact for all technical deliveries, initiatives, and project implementations.
- To develop technical processes and procedures and promote compliance in line with regulations, corporate policies, or standards as per ISO27001
- Assess technical security risks in terms of impact on systems and service confidentiality, integrity, and availability, and report and escalate results of risk assessments.
- Report any real or potential security breaches/vulnerabilities to various stakeholders and provide technical support during incident response
- Monitor security tools to detect security events & incidents Report and escalate any security breaches to the Information Technology Security Officer
- Operate vulnerability scanning and compliance tools to identify system weaknesses
- Represent IT Security matters at technical and business forums.
Desired candidate profile :
- Relevant experience in the information security field
- Relevant experience working with ISO Policies, and GDPR guidelines.
- Strong knowledge of network architecture and security concepts related to routing
- Exceptional attention to detail
- Excellent analytical and problem-solving skills
- Great team player and able to work efficiently with minimal supervision
- Excellent communication skills, both written and verbal, work with the different stakeholders on strengthening the security risks.
- Able to handle and cope with stressful situations and understands the pressures of a start-up environment
Job description- Information Security(Financial)
Roles and Responsibilities
HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills
Work profile of individual
- As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
- Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
- Will be an active participant in internal / third party system security reviews and audits on customer engagements.
- Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
- Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
- Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
- Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.
Team work
- Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
- Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
- Communication, written and verbal, with these teams would be expected.
- Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
- Team members would be required to handle multiple tasks at the same time.
- Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Desired Candidate Profile
- Bachelors
- Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
- Experience : 3-5 years
Knowledge Required:
- Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
- Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
- Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
- Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
- Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
- Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
- Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
- Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.
Additional Responsibilities:
- Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
- Good knowledge on software configuration management systems and license Management systems
- Awareness of latest technologies and Industry trends
- Logical thinking and problem solving skills along with an ability to collaborate
- Understanding of the financial processes for various types of projects and the various pricing models available
- Ability to assess the current processes, identify improvement areas and suggest the technology solutions
- One or two industry domain knowledge
- Client Interfacing skills
- Project and Team management
• Evaluate the organization’s security needs and establish best practices and standards accordingly.
• Designing, implementing, maintaining, overseeing, and upgrading all security measures needed to protect organizations’ data, systems, and networks.
• Responding to all security breaches to the network and associated systems.
• Troubleshooting all network and security issues and incidents.
• Routinely conduct penetration testing.
• Taking appropriate security measures to ensure that the organization's infrastructure and existing data are kept safe.
• Conducting testing and scans to identify any vulnerabilities in the network and system.
• Taking an active role in the change management process.
• Assist in any security breach investigations.
• Handling routine daily administrative tasks such as reporting and keeping open lines of communication with the organization’s appropriate departments.
We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.
Roles & Responsibilities:
- Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
- Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
- Managing penetration tests and security reviews for core applications and APIs.
- Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
- Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
- Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
- Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
- Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
- Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
- Investigate privacy breaches.
- Educate employees on data privacy & security.
- Prioritize security requirements based on their severity of impact and product roadmap.
- Maintain a balance of security and business values across the organisation.
Required Skills:
- Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
- Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
- Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
- Experience in Log Management, Security Event Correlation, SIEM.
- Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.
Good to Have Skills:
- Online Fraud Prevention.
- Bug Bounty experience.
- Security Operations Center (SOC) management.
- Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
- Experience / Knowledge on tools like Fortify and Nessus.
- Experience in handling logging tools on docker container images (ex. Fluentd).
IT Security Specialist
Roles and Responsibilities
- Extensive experience of 2-5 years in Vulnerability Assessment and Penetration testing, Web Application security.
- An Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, CSRF, authentication/authorization, OWASP top 10 issues.
- Must have working experience in OWASP Top 10 Vulnerabilities Testing in Web applications.
- Create policy and standards for developers and testers to secure programming in the organization. (secure code review, static application security testing.
- Experience on both commercial and open source tools Cenzic Hailstorm, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP. Assessing cloud security risk (AWS and Azure) and recommending appropriate security controls.
- Ability to interact with project teams to understand the security requirements and come up with solutions
- Extensive knowledge of managing Web Application Firewall (Product) including rules management and product administration
- Strong understanding of networking concept.
Desired Candidate Profile
- Excellent knowledge of Microsoft Windows operating environments and with special attention to security and hardening issues.
- Able to work independently with minimal supervision.
- Good knowledge of secure software development standard, process, techniques, cloud security policies and tools.
- Keep stakeholders updated with communications and weekly reporting.
- Collaborate with Security Platform and Services teams to build and integrate existing security solutions.
- Excellent communication skills - written, verbal, presentation and interpersonal.
- Willing to learn new skills and implement new technologies.
- Should come with bachelor’s degree in engineering, mathematics or master’s in computer application / programing.