Network Security Engineer

CAW Studios:

You will be responsible for the uptime, performance, and operational cost of a large-scale cloud platform or some of our SaaS-based products. You will make daily and weekly operational decisions to improve uptime while reducing costs. You will drive improvements by gaining an in-depth knowledge of the products in your responsibility and applying the latest emerging trends in the cloud and SaaS technologies. All your decisions will be focused on providing the best in class service to the users of our SaaS products.

Our organization relies on its central engineering workforce to develop and maintain a product portfolio of several different startups. As part of our engineering, you'll get to work on several different products every quarter. Our product portfolio continuously grows as we incubate more startups, which means that different products are very likely to use different technologies, architecture & frameworks - a fun place for smart tech lovers! 

Job Overview:

As the Senior Manager of Infrastructure & Cybersecurity, you will be responsible for implementing, maintaining, and overseeing the organization’s cybersecurity program & Infrastructure (tools, technologies, services, infrastructure) to ensure that information security standards, practices, and controls are in place to effectively manage risk to the enterprise and improve the company’s overall security posture. You will be responsible for managing your team and overseeing the execution of projects and initiatives for Celito customers. You will help develop and implement security initiatives and standards, conduct and oversee monitoring, and ensure compliance with regulatory and internal standards including incident response and investigations related to policy violations, security breaches, threats, and attacks. You will be a strategic technical leader, mentoring team members while partnering with other leaders to advance cybersecurity processes across the organization.

Responsibilities and Duties: 

• Collaborate with clients to understand their IT needs, focusing on infrastructure and security, and establish strategic IT plans that align with their business objectives and compliance requirements.
• Lead the design and implementation of secure and robust IT infrastructures, ensuring they support the clients’ operations and research activities effectively.
• Develop and implement comprehensive security strategies, including but not limited to, risk assessments, incident response plans, and ongoing security monitoring.
• Drive the adoption of best practices in IT governance, cybersecurity frameworks, and regulatory compliance (such as HIPAA, GDPR, and other relevant standards).
• Manage and mentor a team of IT professionals, fostering a culture of excellence, accountability, continuous improvement, and professional growth.
• Stay abreast of technological advancements, cybersecurity trends, and regulatory changes that may impact our clients, and adjust strategic plans accordingly.
• Ensure customer satisfaction through exceptional service delivery, proactive communication, and the ability to translate technical challenges into business impact.
• Collaborate with cybersecurity operations team to ensure rapid response to potential threats and alerts, and develop standards and guidelines for response and remediation.
• Serve as the main point of contact for clients and Celito leadership team on managing the status of projects and the operational state of client infrastructure and cybersecurity program.
• Lead and perform information security and vulnerability assessments. This will include scanning, prioritization, and remediation of discovered vulnerabilities as well as performing regular penetration testing.
• Oversee implementation and maintenance of an Incident Response Program including developing IR playbooks.
• Work with and actively engage security service providers to deliver necessary services and manage contract requirements and service level agreements.
• Serve as lead advisor on cybersecurity matters to ensure appropriate levels of security are integrated into process designs and architecture.
• Develop and implement company-wide/departmental information security training and awareness programs.
• Monitor internal and external policy compliance to ensure that vendors and employees understand the company’s cybersecurity policies and operate within that framework.
• Work closely with the business to promote and support the cybersecurity initiatives of the organization.
• Performs other duties as assigned.

Qualifications: 

• 7+ years developing infrastructure & security programs, managing security solutions, and projects.
• Must have experience with the industry's best tools such as Palo Alto Firewall, Meraki, Rapid 7/Arctic Wolf/AlienVault, Crowdstrike EDR, Mimecast/DarkTrace, Tenable, CyberArk, Zscalar, AZURE/AWS security, Office 365 expertise, etc.,
• Must be a fluent communicator, able to present to Executive teams, an Independent Thinker, and able to define Cybersecurity Strategy
• Must have built or run a SOC and managed a team of cybersecurity experts & engineers supporting projects/operations.
• Preferably has industry standard CISSP certifications, CISA, Security +, SSCP, etc.,
• Must have performed NIST/ISO-based full assessments, and be able to articulate findings, build remediation plans, and present plans to scale up security posture. 
• Preferably has Life Sciences experience or consulting experience working with large & medium-sized companies. 
• Knowledge of information security frameworks, best practices, and administrative, physical, and technical safeguards (experience with common security frameworks such as NIST preferred)
• Experience working with Security Incident and Event Management (SIEM) tools, endpoint detection and response tools, vulnerability management suites, and various security solutions
• Strong technical background and knowledge of network and systems security, system and network configuration, and application security.
• Experience with incident response management, next-gen firewalls, web application firewalls, multi-factor authentication, data loss prevention, and disaster recovery.
• Excellent organizational, communication, and customer service skills with active listening skills.
• Knowledge of regulatory requirements such as the California Consumer Privacy Act (CCPA), Sarbanes-Oxley (SOX), and quality guidelines (GxP) is a plus.

About CAW Studios:

 CAW Studios is a Product Engineering Studio. WE BUILD TRUE PRODUCT TEAMS for our clients. Each team is a small, well-balanced group of geeks and a product manager who together produce relevant and high-quality products. We believe the product development process needs to be fixed as most development companies operate as IT Services. Unlike IT Apps, product development requires Ownership, Creativity, Agility, and design that scales.

Know More About CAW Studios:

Website: https://www.cawstudios.com/">https://www.cawstudios.com/

Benefits: Startup culture, powerful Laptop, free snacks, cool office, flexible work hours and work-from-home policy, medical insurance, and most importantly - the opportunity to work on challenging cutting-edge problems.

• Must have 6+ years of experience in C/C++ programming language.
• Knowledge of Go programming language and Python programming language is a big plus.
• Strong background in L4-L7 Internet Protocols TCP, HTTP, HTTP2, GRPC and HTTPS/SSL/TLS.
• Background in Internet security related products such as Web Application Firewalls, API Security Gateways, Reverse Proxies and Forward Proxies
• Proven knowledge of Linux kernel internals (process scheduler, memory management, etc.)
• Experience with eBPF is a plus.
• Hands-on experience in cloud architectures (SaaS, PaaS, IaaS, distributed systems) with continuous delivery
• Familiar with containerization solutions like Docker/Kubernetes etc.
• Familiar with serverless technologies such as AWS Lambda.
• Exposure to machine learning technologies and distributed systems is a plus
• B.E/B.Tech/MS degree in Computer Science, or equivalent

About Us

We are an AI-Powered CX Cloud that enables enterprises to transform customer experience and boost revenue with our APIs by automating and analyzing customer interactions at scale. We assist across multiple voices and non-voice channels in 30+ languages whilst coaching and training agents with minimal costs.

The problem we are solving

In comparison to worldwide norms, customer support in traditional contact centers is quite appalling, due to a high number of queries, insufficient capacity of agents and inane customer support systems, businesses struggle with a multi-fold rise in customer discontent and bounce rate, resulting in connectivity failure points between them and customers.

To address this issue, IITian couple Manish and Rashi Gupta founded Rezo's AI-Powered CX Cloud for Enterprises 2018 to help businesses avoid customer churn and boost revenue without incurring financial costs by

providing 24x7 real-time responses to customer inquiries with minimal human interaction.

Roles and Responsibilities:-

• To Maintain the required uptime for Azure Cloud and IT Infrastructure.
• To provide the earliest resolution of the reported issues, which may include but are not limited to cloud & end-user related issues.
• Configuring and managing the alerts through Nagios, which may include but is not limited to scripting knowledge.
• Linux and Windows Server administration.
• Managing Firewalls and Domain Controllers.

Requirements

• Having relevant experience of 3+ yrs.
• Sound knowledge of Linux & Windows System administration
• Good Hands-on experience on Azure/AWS ( Willing to work on Azure only)
• Must be an expert in at least one of OpenStack, Cloudify, SaltStack, Rundeck, Ansible
• Good knowledge of networking, firewall & domain controller
• Basic knowledge of DevOps/Scripting
• Should be willing to work in rotational day shifts and WFO
• Flexibility to be able to work in a 24/7/7 environment

Life at Rezo.AI

• We take transparency very seriously. Along with a full view of team goals, get a top-level
• View across the board with our regular town hall meetings.
• A highly inclusive work culture that promotes a relaxed, creative, and productive
• environment.
• Practice autonomy, open communication, and growth opportunities, while maintaining a
• perfect work-life balance.
• Go on company-sponsored offsites, and blow off steam with your work buddies.

Perks & Benefits

Learning is a way of life. Unlock your full potential backed with cutting-edge tools and mentor-ship

Get the best in class medical insurance, programs for taking care of your mental health, and a Contemporary Leave Policy (beyond sick leaves)

Why Us?

We are a fast-paced start-up with some of the best talents from diverse backgrounds. Working together to solve customer service problems. We believe a diverse workforce is a powerful multiplier of innovation and growth, which is key to providing our clients with the best possible service and our employees with the best possible career. Diversity makes us smarter, more competitive, and more innovative.

Explore more here

http://www.rezo.ai/" target="_blank">www.rezo.ai

About Us 

Rezo.ai is an AI-Powered Contact Centre that enables enterprises to enhance customer experience and boost revenue by automating and analyzing customer agent interactions across multiple channels including voice, email, chat/WhatsApp, and social, at the required scale, whilst training agents with minimal costs 

How do we do it 

Rezo’s AI-Powered contact center leverages ground-breaking technologies in AI, ML, ASR, NLP, RPA, and predictive intelligence to transform customer experience and reduce costs by automating, analyzing social media, whilst coaching them.

Overview

Providing leadership in the information security space, helping ensure ISO and GDPR certification, and establishing, maintaining, and enforcing our security policies. Working closely with our business and technology teams to ensure awareness and adherence to the policies and procedures established.

To ensure that the security solutions being designed and delivered are aligned with the enterprise security architecture, supporting the transition of the security architecture from its current to its planned future state.

To lead and provide strategic oversight to ensure and assure the beneficial and cost-effective security change across key accounts, through the evaluation of business strategies and requirements providing advice, guidance and assurance.

Role & Responsibility

• Provide security advice and guidance to business and delivery teams ensuring solutions are consistent with the enterprise security roadmap whilst balancing business values and security risk.
• Recommend changes to IT systems to bring them into compliance with security policy, standards, blueprints and roadmaps.
• Influence stakeholders to adopt architecturally sound approaches to the management of risk.
• Advise on the translation of business requirements into secure IT solutions and migration roadmaps.
• Preparation and documentation of standard security operating procedures and protocols
• Recommend technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Advise on alternate solutions and countermeasures to mitigate identified information risks.
• Provide assurance that identified solutions or countermeasures mitigate identified information risks.
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Implements security improvements by assessing the current situation; evaluating trends; anticipating requirements.
• Keeps users and businesses informed by preparing performance reports; communicating system status, and owning security incidents when they arise.

Technical Skills Required

• Proven experience in the design, implementation and operation of scaled IT security services and capabilities, ideally within a large government organization or complex large-scale multi-supplier organization.
• Strong technical aptitude and exposure to ISO 27001 or similar-based security policies and standards.
• Excellent communication skills, with the ability to articulate complex technical issues into business-focused terms and communicate with Stakeholders.
• Knowledge of GDPR, its business implications and the merits of various technical approaches
• Expertise in IT security risk in a business context
• Exposure to web application security and penetration testing.
• Exposure to securing the software development life cycle and to project management disciplines.
• Excellent organizational and technical documentation skills.
• Strong understanding of Information Security including threats, attacks, and vulnerability management.
• Deep understanding of secure development practices, with practical experience of cyber security, privacy protection, cloud security, identity management, situations awareness, protective monitoring, security operations, risk management and reporting.

Role : Full-Time Individual Contributor (IC)

Reporting to : Solution Architect / Program Manager

Education : BTech/ BE / MCA / MSc Computer Science

Industry : Product Engineering Services or Enterprise Software Companies

About Us

CLOUDSUFI is a Silicon Valley-based specialist Data Engineering & Cloud Technologies player with top-tier clients, favorable revenue mix, strong financial performance, and robust management. We pride ourselves in helping in the Data Discovery, Insights and Monetization for organizations. We offer quality of work, opportunities to learn new platforms/technologies that will help young engineers put themselves ahead in their careers compared to their peers in the IT Services industry. CLOUDSUFI is a Data Science and Product Engineering company building Products/Solutions for Technology and Enterprise industries leveraging the advent of Cloud Hyper Scalers and AI/ML, NLP technologies. The organization is built to scale with strong external/ internal tech capabilities and governance standards. Started in 2019, CLOUDUSUFI is a family of 250 members working towards a common goal of making the enterprise data dance. To know more, please visit https://cloudsufi.com

ABOUT THE ROLE

InfoSec Engineers will participate in all phases of a typical DevOps pipeline: plan, code, build, test, release, and deploy. He/she will be scanning our networks, applications, and containers (images). In addition to the Vulnerability Management platform, this individual will support and/or serve as a backup for AWS WAF, Guard Duty, PagerDuty, and CloudFlair security platforms.

This Includes: ● Work independently with vendors and collaborate with colleagues ● -Experience on monitoring and operation of AWS cloud infrastructure ● -Experience with AWS automation tools Terraform ● -Analyzing, Troubleshooting and resolving issues with the cloud monitoring tools as Datadog and Cloudflare ● -The ability and skill to train other people in procedural and technical topics ● -Strong communication and collaboration skills

ABOUT YOU ● 3+ years’ experience with Tenable.io platform ● 3+ years’ experience with AWS orchestration via Terraform script ● 3+ years’ experience with CloudWatch/CloudTrail/Guard Duty ● 3+ years’ experience with AWS WAF ● 3+ years’ experience with CloudFlare ● 2+ years’ experience with DataDog ● Experience with PagerDuty ● Ability to make nuanced threat assessments ● Experience with the NIST family of Information Security-related publications including 800-37, 800-30, and 800-53 ● Significant experience with PCI, SOC2, SOX, HIPAA, or other compliance regimes Salary: Best as per Industry Standards

• Minimum of 5+ years of experience in IT industry at VMware NSX Design/Implementation Projects.
• Minimum 3+ years of experience in industry leading load balancer and security products (Mandatory)
• Should have solid hands-on experience in VMware Avi, NSX V and/or NSX-T.
• Hands on installation and configuration experience with Base NSX-V & NSX-T Components, VTEP's, Load Balancer, LB Rules, Security components, etc.
• Strong understanding of and experience in TCP/IP, DNS, Http, SSL, DHCP.
• Proficiency in vSphere products and technologies like HA, vMotion, DRS, and Update Manager, Administration, etc would be a plus.
• Exposure to enterprise class architecture or implementation with suite of VMware products including vCenter, vSphere, SAN, RAID, Clustering, Consolidation, Load Balancing, etc.
• Troubleshooting and Debugging of VMware Architecture related issues.
• Strong understanding of Linux/Windows servers.
• Good to have some knowledge in vRA/vRO.
• Good to have Any Automation Experience with PowerShell/Python/Bash/Ansible and basic knowledge of VMware API’s.
• Good to have some knowledge of Kubernetes and Dockers.
• Succeed in a team environment.

Senior Netskope Technology Stack Expert (SWG/CASB/ZTNA)

Duties and Responsibilities:

• Hands on experience configuring rules and policies across the SWG/CASB/ZTNA platforms.
• Lead the Deployment and Operationalization of the Netskope Technology stack
• Defining and implementing procedures and policies to ensure proper maintenance of the environment
• Implement the process, systems, and technology required to fully maximize the platforms security capabilities
• Develop strategy, execution roadmap, priorities, and investment plans
• Partner with the leadership team to define strategic objectives
• Work closely with IT, Engineering and Security teams to ensure appropriate protections are in place while maintaining a continuity of service
• Engage Netskope’s technical teams in troubleshooting issues with current or new integrations

Required Experience and Skills:

• 5 - 7 years of leadership experience leading a team
• 3 - 5 years of experience hands-on technical design, implementation, and leadership of enterprise deployments
• Excellent knowledge and prior experience supporting network security technologies including but not limited to Proxies, NG Firewalls, SSL/IPSec, VPN’s, SSO, DLP and Encryption gateways
• Strategic capability to lead and innovate while thriving in a fast-moving environment
• A bias for action, results and delivery, with a high quality bar
• Proven track record of developing people, leading and managing high-performing teams
• An innate ability to create a sense of loyalty, trust, and positive culture. Ability to energize people and teams and establish cross functional cooperation
• Forward-thinking and problem-solving mindset; drawn to building off ambiguous and unsolved problems and “making it happen”
• Demonstrated ability to interface and maintain effective relationships with all levels of employees in a team-oriented environment

Roles and Responsibilities

• Extensive experience of 2-5 years in Vulnerability Assessment and Penetration testing, Web Application security.
• An Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, CSRF, authentication/authorization, OWASP top 10 issues.
• Must have working experience in OWASP Top 10 Vulnerabilities Testing in Web applications.
• Create policy and standards for developers and testers to secure programming in the organization. (secure code review, static application security testing.
• Experience on both commercial and open source tools Cenzic Hailstorm, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP. Assessing cloud security risk (AWS and Azure) and recommending appropriate security controls.
• Ability to interact with project teams to understand the security requirements and come up with solutions
• Extensive knowledge of managing Web Application Firewall (Product) including rules management and product administration
• Strong understanding of networking concept.

Desired Candidate Profile

• Excellent knowledge of Microsoft Windows operating environments and with special attention to security and hardening issues.
• Able to work independently with minimal supervision.
• Good knowledge of secure software development standard, process, techniques, cloud security policies and tools.
• Keep stakeholders updated with communications and weekly reporting.
• Collaborate with Security Platform and Services teams to build and integrate existing security solutions.
• Excellent communication skills - written, verbal, presentation and interpersonal.
• Willing to learn new skills and implement new technologies.
• Should come with bachelor’s degree in engineering, mathematics or master’s in computer application / programing.