Information Security Specialist
Notice Period: 45 days / Immediate Joining
Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA.
We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.
It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges.
Key Qualifications
· Design, deploy, and support Information Security Solutions provided by BDS
· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms
· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.
· Research and strategic analysis of existing, and evolving all IT and data security technologies
· Establish baselines to define required security controls for all infrastructure components and application stack
· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.
· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts
· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up
· Must be able to work a flexible schedule during off-hours
Key Skills & Qualification
· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance
· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)
· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk
· Exposure of the security audit tools on public cloud platforms
· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture
· Certified Ethical Hacker would be a plus
· Handling of Security audits is a must
· Proven interpersonal skills while contributing to team effort by accomplishing related results
· Passion for learning new technologies and the ability to do so quickly.
http://www.banyandata.com" target="_blank">www.banyandata.com
About Banyan Data Services
We're hell-bent on making this the most enjoyable job you've ever had. Send your resume to [email protected]
Positive Vibe
We foster a positive leadership culture and ensure that employees at all levels feel comfortable collaborating with one another.
Grow & Learn
Our employees are being groomed by instilling a startup culture in them, as well as providing them with tech-savvy mentors and a passionate team to drive the highest quality of work.
Work Environment
The success and pleasure of employees are top concerns. No matter their level, employees feel valued in all aspects of their lives, including both their professional and personal aspirations.
Diversity
We strive to create a diverse and inclusive workplace in which everyone, regardless of who they are or what they do for the company, feels equally involved and supported in all aspects of the workplace.
Similar jobs
Job description
- Driving the cloud Solutioning ( AWS, Azure , Hybrid Cloud) activities for large complex deals which involve multiple service lines and / or technology domains
- Drive the translation of complex business initiatives into innovative business- technology solutions and ensure consistency across traditional solution boundaries
- Work with Internal stakeholders, Customer stakeholders and Project Managers to understand inefficiencies in clients existing business processes and applications and recommend solutions
- Supports the Global Sales Lead in engaging with senior level customers in either first meetings, or early stages to help shape and design early propositions, assisting to build the pipeline
- Ensure that the solution translated from business objectives is fit for purpose and clearly demonstrates value for money. The solution executive should be able to be confidently explain this to CxO level customer
- Lead a bid team, combining on- shore and off- shore solution architects to design an affordable, innovative solution which meets a clients requirements and business needs. This solution should fit within the affordability target set together with the Global Sales Leads
- Define solution value proposition and transformational direction which build on the synergies and benefits across service offers
- Provide expertise on commercially structuring deals to differentiate from the competition
- Excellent understanding of the competitor landscape, providing insight into the sales plan on how to beat competition
- Work alongside Global Sales Leads, generating future pipeline
- Ensure that the proposed solution covers strategy, partners (such as AWS, Azure, Google, Hybrid Cloud), stakeholder management as well as the actual solution covering Business, Application and Infrastructure as well as commercial aspects (in terms of value for money and not commercial costing etc.)
- Consultative approach, strong business acumen and commercial awareness, with the ability to translate business issues into relevant technical solutions and competitive propositions
- Recent experience in working for a Tier 1/2 Technology Services Provider or major Cloud Services provider in a pre- sales solutioning role
- Proficient in the Pre- Sales Solutioning Process lead by 3rd Party Advisors
- Prior experience leading, costing and implementing large complex Infrastructure Technology Outsourcing (ITO) pursuits, preferably 50M TCV with a large technology transformation component i.e. workload migration to Public Cloud, data center consolidations, etc.
- Strong proficiency creating business willing solutions aligned with key market growth areas; Public/Hybrid Cloud, Cyber security
- Demonstrated ability to communicate (written verbal) effectively and to influence at CxO level
Cloud Skills
- Experience and/or Certification: AWS - Solution Architect, Microsoft - MCSA/MCSE would be advantageous
- AWS , AZURE , Google Cloud Hybrid Cloud , Cloud Infrastructure , Private Cloud
Position: Oracle EBS Technical Lead - SCM
Experience: 6-8 Years
Location: Remote
Technical & Professional requirement:
Minimum 6 years of professional Oracle EBS experience in Oracle EBusiness Suite release 12.2.x or higher with
emphasis on modules Oracle Order Management, Oracle Advance Pricing, O2C cycle.
Must have ability to support customizations, develop process documents and share implementation plans and
best practices advice.
Experience with Web services, Alerts, PLLs, DFFs, module related APIs is a must
Extensive experience in Oracle database and development technologies such as Oracle Forms,
Oracle Reports, OAF/ADF framework, Workflow and BI Publisher
Oracle Database 11g or higher with strong experience in SQL and PL/SQL.
Exposure to SOA stack is a plus .
Good knowledge of basic Unix shell scripting will be added advantage
Strong technical knowledge with database design architecture. Ability to design and implement tables, views,
procedures, constraints, and relationships
Solve complex issues using methodical troubleshooting based on expert knowledge of Oracle
EBS applications functionality and technology
Ability to identify technical risks, present solutions to non-technical personnel and influence technical decisions.
Design, Development, Testing, Migration, Documentation.
Adhere and follow the Organization and Client Processes.
Support milestone events, defect resolutions, status updates etc.
Coordinate and participate in interaction with Functional counterparts and Users, Infrastructure team for
issues/configurations.
To qualify for the role, you must have
Minimum 6 Years of experience as EBS Technical Consultant
Oracle EBS R12 Technical, Sound knowledge of EBS, PL/SQL, Oracle Application Framework. Good understanding
of business flows – Oracle Order Management, Oracle Advance Pricing, O2C cycle.
Bachelor’s Degree in any engineering.
Basic:
Excellent ability to convince multiple stakeholders - internal and external
Good communication skills
Good presentation skills
Experience throughout the software development life cycle
Familiarity with Agile methodologies
Ability to interface directly with client
Roles and responsibilities:
- Audit the current Information Security system and procedures and do a Gap analysis
- Identify immediate potential Information Security Risks and manage remediation tasks through to closure
- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap
- Design high-quality test plans and direct Data/Information security control test activities
- Continuously improve Octro Data/Information security control framework
- Maintain handbook pages and procedures related to Information security compliance
- Identify opportunities for Information security compliance control automation, execute them and then maintain
- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments
- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs
- Direct and support external audits as and when necessary
Requirements
- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs
- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.
About Octro Inc :
We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.
Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.
At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.
Responsibilities:
- Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
- You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
- You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
- You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
- You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
- Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members
Minimum qualifications:
- BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
- Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
- Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
- Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
- Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
- Good understanding of complexities and security challenges in large-scale distributed systems
- Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
- Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
- Excellent written and verbal communication skills
- Strong interpersonal, team building, and mentoring skills
Dear Candidate,
Greetings from HCL Technologies Ltd.
- Make sense of Cyber security and compliance frameworks that apply to your business or industry
• Identify business risks, taking into account the role of your hosting service provider
• Determine which Cyber security controls are required to mitigate your identified risks
• Improve collaboration and communication during Cyber security Incident mitigation and response.
• Establish the necessary framework based on NIST Framework to maintain and continually improve your information security program over time based on evolving scope and emerging risks
• Document and track efforts for evidence collection and audit preparation
- will have primary responsibility for coordinating and implementing effective Cyber Security management across the account. This role will ensure that all Supplier obligations are met regarding compliance with Security guidelines, data protection, regulations, Supplier policies, and key controls.
- provide implementation and ongoing operation of Security management framework;
- be responsible for coordinating activities to address the key Security risk exposures;
- ensure Security awareness training of, and assistance in the implementation of robust Security management practices across Security operations;
- direct the design of controls to address emerging or new Security risk and compliance requirements;
- carry out regular and frequent assurance reviews of the design and operating effectiveness of Security controls;
- implement, monitor and report on key Security risk indicators to identify and address emerging risks;
- coordinate with other Service Providers and Security functions, to facilitate client’s audits and inspections;
- manage and report on responses and actions to address Security audit points, inspection deficiencies, or control weakness identified during normal operations.
- review outcome of cyber security risk assessment, timely implement open action items and report progress to stakeholders
- incorporate vulnerability testing as an integral part of change management
- Should have good knowledge of Cyber Security Framework and controls
- CISA ,CISM or CISSP certification should be preferred.
- Have good understanding of Security policy and process along with ITSM process.
We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.
Roles & Responsibilities:
- Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
- Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
- Managing penetration tests and security reviews for core applications and APIs.
- Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
- Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
- Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
- Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
- Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
- Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
- Investigate privacy breaches.
- Educate employees on data privacy & security.
- Prioritize security requirements based on their severity of impact and product roadmap.
- Maintain a balance of security and business values across the organisation.
Required Skills:
- Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
- Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
- Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
- Experience in Log Management, Security Event Correlation, SIEM.
- Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.
Good to Have Skills:
- Online Fraud Prevention.
- Bug Bounty experience.
- Security Operations Center (SOC) management.
- Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
- Experience / Knowledge on tools like Fortify and Nessus.
- Experience in handling logging tools on docker container images (ex. Fluentd).
- We are looking for a Senior SRE with a proven track record of success leading complex cloud-hybrid environments. You will have:
- Strong sense of Being an Owner, Wearing the Customer Shoes, with the ability to Empower Others demonstrated through clear
- communication and collaboration.
- Skills to work independently with multiple global teams, developing, configuring, deploying, and operating our global infrastructure on AWS and on-prem.
- Operational experience in complex distributed and real-time systems, including experience with SLO/SLAs towards high availability,reliability and DR goals.
- DevOps experience in building tools and frameworks, with an understanding of continuous deployment processes.
- Ability to think at scale, bringing a focus on continuous delivery methodologies from design through deployment and operations.
- Experience building and managing systems with tools including Kubernetes, Chef/Ansible/Puppet, Kafka, Docker, and Terraform.
- 5+ years experience in a Software and/or Site Reliability Engineering role
- Experience writing automation code in GoLang, Python or Java
- Experience developing and operating large scale distributed systems with Kubernetes and Docker
- Experience in running real time and low latency high available applications (Kafka, gRPC, RTP)
- Experience running public cloud environments on AWS
- Experience running hybrid clouds and on-prem infrastructures on Red Hat Enterprise Linux / CentOS
- Bachelor degree in Engineering, Computer Science or equivalent experience
- The ability to lead, partner, and collaborate cross functionally across an engineering organization
The Cyber Security Analyst will help to assess, plan, and enact security measures to protect the Hubbell organization from security breaches and attacks on its computer networks and systems. This job involves simulating attacks to identify vulnerabilities, testing new software to help protect the
company & data, and assisting users in adhering to new regulations and processes to ensure safety and compliance. The Cyber Security Analyst will work as part of the Security Operations team to execute, monitor and report-out on the scheduled tasks associated with maintaining the overall cyber hygiene for the company
Respond and investigate security breaches and other cybersecurity incidents.
Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
Work in conjunction with the cybersecurity team to develop automation for scheduled tasks and reporting
Respond to specific threats, evaluating company exposure, and risk.
Assist in the execution of penetration testing.
Research security enhancements and make recommendations to management.
Stay up to date on cybersecurity trends, threats, and remediation
Attend daily security operations meetings
Qualifications
A degree in Computer Science, IT, Systems Engineering or a related qualification
2-3 years of experience with software development in C-Sharp, Python or Java
2 years of experience with scripting tools such as PowerShell, Unix Bash and Bourne
Familiarity with patch management
Familiar with common cyber frameworks and tools such as NIST and MITRE Attack
Awareness of common cybersecurity threats and hacking methodologies
Preferred
Previous experience with Incident response and forensics
Knowledge Network security and segmentation
We are looking for candidates with the below experience.
- Mandatory experience on any of
a) Cylance Protect and Optics
b) Crowdstrike Falcon Insight
c) Sentinel One ActiveEDR
d) Carbon Black EDR
- Hands-on experience in security incident response lifecycle and its phases
- Should have experience in L1 and L2 in EDR
- Hands-on experience in event and log analysis on Windows endpoints
- Overall experience: 3-7 years, Relevant experience: 2+ years
Please note : Candidate should have experience in the below skills must :
- EDR Experience
- EDR Product Worked on and which level of support they are working on
- Incident Response
- Malware Analysis
- Flexible for shifts
Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting