We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.
Roles & Responsibilities:
- Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
- Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
- Managing penetration tests and security reviews for core applications and APIs.
- Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
- Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
- Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
- Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
- Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
- Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
- Investigate privacy breaches.
- Educate employees on data privacy & security.
- Prioritize security requirements based on their severity of impact and product roadmap.
- Maintain a balance of security and business values across the organisation.
Required Skills:
- Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
- Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
- Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
- Experience in Log Management, Security Event Correlation, SIEM.
- Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.
Good to Have Skills:
- Online Fraud Prevention.
- Bug Bounty experience.
- Security Operations Center (SOC) management.
- Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
- Experience / Knowledge on tools like Fortify and Nessus.
- Experience in handling logging tools on docker container images (ex. Fluentd).
![companies logos](/_next/image?url=https%3A%2F%2Fcdn.cutshort.io%2Fpublic%2Fimages%2Fhiring_companies_logos-v2.webp&w=3840&q=80)
About netmedscom
Similar jobs
We are seeking a highly motivated and detail-oriented Cyber Security Specialist to join our growing team. In this role, you will play a vital part in safeguarding our company's data and IT infrastructure from cyber threats. You will be responsible for a variety of tasks, including vulnerability assessments, security monitoring, incident response, and implementation of security controls.
Responsibilities
- Conduct regular vulnerability assessments and penetration testing to identify weaknesses in our systems.
- Monitor network activity for suspicious behavior and potential security incidents.
- Analyze security events and implement appropriate response procedures to contain and mitigate threats.
- Participate in the development and implementation of security policies, procedures, and standards.
- Configure and maintain security controls, such as firewalls, intrusion detection/prevention systems, and data encryption.
- Stay up-to-date on the latest cyber threats and trends by attending training and conferences.
Job description
- Driving the cloud Solutioning ( AWS, Azure , Hybrid Cloud) activities for large complex deals which involve multiple service lines and / or technology domains
- Drive the translation of complex business initiatives into innovative business- technology solutions and ensure consistency across traditional solution boundaries
- Work with Internal stakeholders, Customer stakeholders and Project Managers to understand inefficiencies in clients existing business processes and applications and recommend solutions
- Supports the Global Sales Lead in engaging with senior level customers in either first meetings, or early stages to help shape and design early propositions, assisting to build the pipeline
- Ensure that the solution translated from business objectives is fit for purpose and clearly demonstrates value for money. The solution executive should be able to be confidently explain this to CxO level customer
- Lead a bid team, combining on- shore and off- shore solution architects to design an affordable, innovative solution which meets a clients requirements and business needs. This solution should fit within the affordability target set together with the Global Sales Leads
- Define solution value proposition and transformational direction which build on the synergies and benefits across service offers
- Provide expertise on commercially structuring deals to differentiate from the competition
- Excellent understanding of the competitor landscape, providing insight into the sales plan on how to beat competition
- Work alongside Global Sales Leads, generating future pipeline
- Ensure that the proposed solution covers strategy, partners (such as AWS, Azure, Google, Hybrid Cloud), stakeholder management as well as the actual solution covering Business, Application and Infrastructure as well as commercial aspects (in terms of value for money and not commercial costing etc.)
- Consultative approach, strong business acumen and commercial awareness, with the ability to translate business issues into relevant technical solutions and competitive propositions
- Recent experience in working for a Tier 1/2 Technology Services Provider or major Cloud Services provider in a pre- sales solutioning role
- Proficient in the Pre- Sales Solutioning Process lead by 3rd Party Advisors
- Prior experience leading, costing and implementing large complex Infrastructure Technology Outsourcing (ITO) pursuits, preferably 50M TCV with a large technology transformation component i.e. workload migration to Public Cloud, data center consolidations, etc.
- Strong proficiency creating business willing solutions aligned with key market growth areas; Public/Hybrid Cloud, Cyber security
- Demonstrated ability to communicate (written verbal) effectively and to influence at CxO level
Cloud Skills
- Experience and/or Certification: AWS - Solution Architect, Microsoft - MCSA/MCSE would be advantageous
- AWS , AZURE , Google Cloud Hybrid Cloud , Cloud Infrastructure , Private Cloud
![Upswing Financial Technologies Private Limited](/_next/image?url=https%3A%2F%2Fcdnv2.cutshort.io%2Fcompany-static%2F646b1422f8d7a20026ff8056%2Fuser_uploaded_data%2Flogos%2Ffinal_logo_Upswing_removebg_preview_9PefIb5Q.png&w=256&q=75)
At Upswing, we are committed to building a robust, scalable & secure API platform to power the world of Open Finance.
We are a passionate and self-driven team of thinkers who aspire to build the rails to connect the legacy financial sector with financial innovators through a simple and powerful banking-as-a-service (BaaS) platform.
We are looking for motivated engineers who will be working in a highly creative and cutting-edge technology environment to build a world-class financial services suite.
About the role
As part of the DevSecOps team at Upswing, you will get to work on building state-of-the-art infrastructure for the future. You will also be –
- Managing security aspects of the Cloud Infrastructure
- Designing and Implementing Security measures, Incident Response guidelines
- Conducting Security Awareness Training
- Developing SIEM tooling and pipelines end to end for vulnerability/security/incident reporting
- Developing automation and performing routine VAPT for Network and Applications
- Integrating with 3rd party vendors for the services required to improve security posture
- Mentoring people across the teams to enable best practices
What will you do if you join us?
- Engage in a lot of cross-team collaboration to independently drive forward DevSecOps practices across the org
- Take Ownership of existing, ongoing, and future DevSecOps initiatives
- Plan and Engage in Architecture discussions to bring in different angles (especially security angles) to the table
- Build Automation stack and tools for security pipeline
- Integrate different security measures and pipelines with the SIEM tool
- Conducting routine VAPT using manual and automated workflows, generating and maintaining the report for the same
- Introduce and Implement best practices across teams for a great security posture in the org
You should have
- Curiosity for on-the-job learning and experimenting with new technologies and ideas
- A strong background in Linux environment
- Proven experience in Architecting networks with security first implementation
- Experience with VAPT tooling for Networks and Applications is required
- Strong experience in Cloud technologies, multi-cloud environments, and best practices in Cloud
- Experience with at least one scripting language (Ruby/Python/Groovy)
- Experience in Terraform is highly desirable but not mandatory
- Some experience with Kubernetes, and Docker is required
- Understanding Java web applications and monitoring them for security vulnerabilities would be a plus
- Any other DevSecOps-related experience will be considered
About us:
HappyFox is a software-as-a-service (SaaS) support platform. We offer an enterprise-grade help desk ticketing system and intuitively designed live chat software.
We serve over 12,000 companies in 70+ countries. HappyFox is used by companies that span across education, media, e-commerce, retail, information technology, manufacturing, non-profit, government and many other verticals that have an internal or external support function.
To know more, Visit! - https://www.happyfox.com/
Responsibilities:
- Perform manual and automated application penetration tests and provide suggestions to harden our products
- Participate regularly in the development and release process to identify and report security vulnerabilities in the code being shipped
- Conduct regular audits on all Features/APIs of the product and reports vulnerabilities to the development team
- Keep up with industry trends in the security space
- Triage inbound vulnerability reports with an appropriate level of urgency and track them until they are resolved by Engineering teams
- Should be able to understand different elements of our NodeJS, Python and similar stacks and provide guidance on secure software development practices to the team
- Scale our application security engineering team
Requirements:
- Strong verbal and written communication skills
- Has worked on Web Application Security Testing for a reasonably complex application. The mobile experience is a plus
- Good knowledge of secure software development guidelines from authoritative bodies like NIST, OWASP, SANS
- Hands-on experience in performing manual/automated security assessments with open-source/commercial security tools
Roles and responsibilities:
- Audit the current Information Security system and procedures and do a Gap analysis
- Identify immediate potential Information Security Risks and manage remediation tasks through to closure
- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap
- Design high-quality test plans and direct Data/Information security control test activities
- Continuously improve Octro Data/Information security control framework
- Maintain handbook pages and procedures related to Information security compliance
- Identify opportunities for Information security compliance control automation, execute them and then maintain
- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments
- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs
- Direct and support external audits as and when necessary
Requirements
- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs
- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.
About Octro Inc :
We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.
Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.
Roles and Responsibilities:
- To Maintain the required uptime for Azure Cloud and IT Infrastructure.
- To provide earliest resolution of the reported issues, which may include but not limited to cloud &
- end user related issues.
- Configuring and managing the alerts through Nagios, which may include but not limited to
- scripting knowledge.
- Linux and Windows Server administration.
- Managing Firewalls and Domain Controllers.
- Timely delivery of the assigned tasks.
Requirements:
- Having relevant experience of 3-8 yrs.
- Sound knowledge of Linux & Windows System administration
- Good Hands-on experience on Cloud-AWS/Azure ( Willing to work on Azure Cloud )
- Good knowledge of networking, firewall & domain controller
- Basic knowledge of DevOps/Scripting
- Owning accountability and responsibility for end-to-end tasks
API Lead Developer
Job Overview:
As an API developer for a very large client, you will be filling the role of a hands-on Azure API Developer. we are looking for someone who has the necessary technical expertise to build and maintain sustainable API Solutions to support identified needs and expectations from the client.
Delivery Responsibilities
- Implement an API architecture using Azure API Management, including security, API Gateway, Analytics, and API Services
- Design reusable assets, components, standards, frameworks, and processes to support and facilitate API and integration projects
- Conduct functional, regression, and load testing on API’s
- Gather requirements and defining the strategy for application integration
- Develop using the following types of Integration protocols/principles: SOAP and Web services stack, REST APIs, RESTful, RPC/RFC
- Analyze, design, and coordinate the development of major components of the APIs including hands on implementation, testing, review, build automation, and documentation
- Work with DevOps team to package release components to deploy into higher environment
Required Qualifications
- Expert Hands-on experience in the following:
- Technologies such as Spring Boot, Microservices, API Management & Gateway, Event Streaming, Cloud-Native Patterns, Observability & Performance optimizations
- Data modelling, Master and Operational Data Stores, Data ingestion & distribution patterns, ETL / ELT technologies, Relational and Non-Relational DB's, DB Optimization patterns
- At least 5+ years of experience with Azure APIM
- At least 8+ years’ experience in Azure SaaS and PaaS
- At least 8+ years’ experience in API Management including technologies such as Mulesoft and Apigee
- At least last 5 years in consulting with the latest implementation on Azure SaaS services
- At least 5+ years in MS SQL / MySQL development including data modeling, concurrency, stored procedure development and tuning
- Excellent communication skills with a demonstrated ability to engage, influence, and encourage partners and stakeholders to drive collaboration and alignment
- High degree of organization, individual initiative, results and solution oriented, and personal accountability and resiliency
- Should be a self-starter and team player, capable of working with a team of architects, co-developers, and business analysts
Preferred Qualifications:
- Ability to work as a collaborative team, mentoring and training the junior team members
- Working knowledge on building and working on/around data integration / engineering / Orchestration
- Position requires expert knowledge across multiple platforms, integration patterns, processes, data/domain models, and architectures.
- Candidates must demonstrate an understanding of the following disciplines: enterprise architecture, business architecture, information architecture, application architecture, and integration architecture.
- Ability to focus on business solutions and understand how to achieve them according to the given timeframes and resources.
- Recognized as an expert/thought leader. Anticipates and solves highly complex problems with a broad impact on a business area.
- Experience with Agile Methodology / Scaled Agile Framework (SAFe).
- Outstanding oral and written communication skills including formal presentations for all levels of management combined with strong collaboration/influencing.
Preferred Education/Skills:
- Prefer Master’s degree
- Bachelor’s Degree in Computer Science with a minimum of 12+ years relevant experience or equivalent.
What will you do?
- Act as senior level escalation point for technical remediation of incidents and service requests.
- Work as L2 resource in AWS Cloud infrastructure and system administration team providing technical support and resolving issues
- Troubleshoot technical issues faced which could be related to external interfaces, networking, application and Ubuntu configuration, IIS Configuration, Linux Servers etc.
- Resolving urgent and immediate requests by support team in a vibrant and demanding environment.
- Test upgrades and patches from development team prior to client rollout
- Document the Interface testing and other details, update and complete all handovers.
- Coordinate directly with on-site IT, vendors, off-site helpdesks over email or phone calls to complete technical assignments.
- Do audit of new implemented properties for initial few weeks and identify the repeated issues reported by property.
Technical Competencies you’ll possess:
- Strong Linux and Windows Administration skills
- In depth knowledge of the windows servers & Linux servers.
- Good understanding of AWS Cloud Infrastructure, Networking, Firewall, Infrastructure, SQL and IIS Configuration, Ubuntu Configurations and MySQL.
- Working knowledge of interfaces and integrations of systems.
- Enhanced troubleshooting skills.
- Possess a good understanding of Internet based technologies including DNS, Security, IP Routing,- SSH, FTP, HTTP/HTTPS, Email Routing, etc.
Position description:
- Manage Network admin operations
- Responsible for Configuration and installation of various network devices and services (e.g. routers, switches, load balancers (Radware), firewalls (Juniper, Fortinet, Cyberoam), network access control
- Ensure network maintenance and system upgrades
- Accountable for – Network Performance and ensure system availability and reliability
- Work within established configuration and change management policies to ensure awareness, approval, and success of changes made to the network infrastructure
- Proactive forecasting of Network capacity and utilization.
- Would handle issues like Production outages.
- Would handle incident and projects
- Good problem-solving skills
- Team mentoring and timely project delivery.
Primary Responsibilities:
- To ensure availability and uptime of On-premise and cloud network
Reporting Team
- Reporting Designation: Head - Site Reliability Engineering (ABL_SS_362)
- Reporting Department: Site Reliability Engineering (24777)
Required Skills:
- Well versed with network architecture and complex network design
- Well versed with firewalls, UTM features, IDS/IPS, WAF (Web Application Firewall), SSL Offloading
- Good hands-on with Layer 2 and Layer 3 topologies
- The key focus in Enforcing policy and regulatory compliance by maintaining the organization firewall infrastructure
REQUIRED CITIZENSHIP / WORK PERMIT / VISA STATUS:
Should be currently based in Japan with Valid work visa
MUST HAVES:
Experience Required:
- LAN/Wireless LAN based skills(over 3 years experiences)
- Firewall based skill (over 3 years experiences)
- Server based skill (over 3 years experiences)
- WAN/Internet based skills (over 3 years experiences)
*
- Required General Skills:
- Fluent in Japanese(both written & verbal) and English(reading & written)
Job role :
- · WAN, LAN, Wireless LAN, Firewall, ServerWork Contents;
- · Support Design and Implementation
- · Create documentation or basic design and detail design
- · Join required meeting(Internal, External)
- · Management Change(Create and close change record)
- · Test(Unit, Integrated) in on-site
- · Create the result of test document
- · Create change procedure
- · Installation equipment in on- site
- · Support soft MACD from remote site
- · Create operation manual
- · Support problem management
- · Support inventory management
- · Support configuration hencmanagement
- · Support reporting
- · Cisco Router/Switch/FW (MPLS, BGP, OSPF, STP, VLAN, QoS, VRF)
- · Juniper Router/Switch(SRX/EX/QFX)
- · Server (Linux,)
- · Wireless (CAPWAN)
![icon](/_next/image?url=https%3A%2F%2Fcdn.cutshort.io%2Fpublic%2Fimages%2Fsearch.png&w=48&q=75)
![companies logos](/_next/image?url=https%3A%2F%2Fcdn.cutshort.io%2Fpublic%2Fimages%2Fhiring_companies_logos-v2.webp&w=3840&q=80)