Security Engineer

Job Description

As Site Reliability Engineer, you will be involved in exciting technical challenges by analysing, troubleshooting, and designing vital services, platforms, and infrastructure while always thinking about reliability, scalability, resilience, security, and performance.

Requirements

• Strong experience in Deployment of AWS cloud infrastructure 3+ years.
• 3+ years of working experience in infrastructure support and CICD platform, leveraging DevOps, SRE & Agile methodologies. 
• Hands-on experience in provisioning Infrastructure as Code (IaC) using Terraform Enterprise or community edition.
• Experience in cloud environments AWS/GCP/Azure and container technology, Docker and Kubernetes, Docker Swarm, Helm DevOps (Git + CI/CD pipelines), and Jenkins.
• AWS (Solutions Architect Professional), (Valid certification)
• Experience in programming/scripting in Python/Ruby/Bash for at least 5+ years.
• Experience in monitoring and analyzing infrastructure performance using standard performance monitoring tools - Grafana/Prometheus, DataDog, Nagios, New Relic.

Responsibilities

• Owning Infra architecture and non-functional requirements, ensuring they fit into a cohesive vision aligned with the rest of the Technology roadmap of the platform for the launch 
• Propagate DevOps culture across the organization by sharing industry best practices, standards, approaches, documentation, and code with other engineering teams 
• Design, test and troubleshoot the CICD pipeline for containerized applications from build until deployment 
• Apply automation and software to any manual and mechanical tasks or parts of the system that would benefit from it or are performed manually.
• Able to troubleshoot complicated, cross-platform issues handling OS, Networking, and databases in a cloud-based SaaS environment and handle live production incidents, debug/troubleshoot application and infrastructure issues, and follow and implement SRE best practices.

Benefits

• Work-Life Balance
• Learning & Development
• Sabbatical Leave
• Parental Leaves
• Profit-Sharing
• Office Perks (Free Meal, Snacks)

Overview

Apiwiz (Itorix Inc) is looking for software engineers to join our team, grow with us, introduce us to new ideas and develop products that empower our users. Every day, you’ll work with team members across disciplines developing products for Apiwiz (Itorix Inc). You’ll interact daily with our product managers to understand our domain and create technical solutions that push us forward. We want to work with other engineers who bring knowledge and excitement about our opportunities.

You will impact major features and new product decisions as part of our remarkably high performing, collaborative team of engineers who thrive on the business impact of their work. With strong team support and significant freedom and self direction, you will experience the wealth of interesting, challenging problems that only a high growth startup can provide.

Roles & Responsibilities

• Build, configure, and manage cloud compute and data storage infrastructure for multiple instances of AWS and Google Cloud Platform.
• Manage VPCs, security groups, and user access to our various public cloud systems and services.
• Develop processes and procedures for using cloud-based infrastructures, including, access key rotation, disaster recovery, and building new services.
• Help the business control costs by categorizing and tagging assets running in the cloud.
• Develop scripts and workflows to manage cloud computing systems
• Provide oversight on log aggregation and application performance monitoring surrounding our production environments.

What we’re looking for

• 2-3 years of experience in the provision, configuring, administrating, automating, monitoring, and supporting enterprise Cloud services
• Strong experience in designing, building, maintaining and securing AWS resources for high-availability and production level systems and services
• Familiar with Cloud concepts with practical hands-on experience on any Cloud Platform.
• Hands-on experience with AWS services like Elastic Compute Cloud (EC2), Elastic Load-balancers, S3, Elastic File system, VPC, Route53, and IAM.
• Providing 24/7 support for the application and Infrastructure support
• Prior experience using infrastructure as a code software tool like Terraform.
• Knowledge in software provisioning, configuration management, and application-deployment tools like Ansible.
• Working knowledge of container technologies like Docker & Kubernetes cluster operations.
• Familiarity with software automation tools Git, Jenkins, Code Pipeline, SonarQube

Who You Are

• Creative thinker and strong problem solver with meticulous attention to detail
• Highly organized, creative, motivated, and passionate about achieving results
• Able to balance multiple tasks and projects effectively and quickly adapt to new situations and technologies
• Able to work both independently and as part of a team
• Systematic problem-solver, coupled with a strong sense of ownership and drive

What you need

• 3-7 years of experience as a Site Reliability Engineer or a mix of a software engineer and DevOps.
• Strong hands-on knowledge of Linux fundamentals, System administration scripting, performance tuning/scalability, troubleshooting.
• Write great quality code using SOLID principles including unit and integration tests.
• Hands-on development experience in an object-orientated programming language like Python.
• Hands-on experience developing task automations
• Experience using tools to create and manage CI (continuous integration) and CD (continuous delivery) pipelines.
• Familiarity with software development tools: source code management (SCM systems), code review systems, issue tracking tools, build tools, test frameworks, code quality tools.
• Experience implementing open-source observability and alerting tools, like Prometheus, Grafana, Cortex, Thanos, Alertmanager etc
• Have decent knowledge on networking (VPC, VNet, DNS etc) and of the TCP/IP stack, internet routing and load balancing.
• Worked with log and configuration management tool
• Prior experience of working with AWS, Azure, GCP is a plus
• Prior experience of working with Kubernetes, Docker and containers is plus
• Strong interpersonal communication skills (including listening, speaking, and writing) and ability to work well in a diverse, team-focused environment with other SREs, Engineers, Product Managers, etc.
• Documenting your work should be in your DNA

What you get

• A chance to develop and build something (probably from scratch) which you can be proud of
• Build and Implement modern systems observability solutions including monitoring, alerting, metrics, logging, and APM & distributed tracing.
• Scale systems sustainably through automation and evolve systems by pushing for changes that improve reliability and velocity.
• Maintain business continuity by identifying and driving opportunities to make systems highly resilient and human-free.
• Closely work with the software engineering team to ensure accurate monitoring and metrics are being built into applications before going to production.
• Develop and maintain software modules for use and re-use in cloud and on-premise systems automation.
• Identify process gaps and implement process improvements to increase operational reliability
• Drive standardization efforts across the services, infrastructure, systems, and practices
• Develop Systems & Tools to help with Development team to uphold the Reliability principles

Responsibilities:

The Senior Information Security Engineer is responsible for the implementation, execution and maintenance of technology solutions to mitigate risk, to protect the IT and Engineering environments by reducing the probability of, and to minimize the effects of, damage caused by malware, malicious activities and security events.

The individual will help protect the company by deploying, tuning, and managing security tools across the computing environment, as well as provide security incident response cycle support. They should have a passion and skills for identifying the latest cyber threats. The individual will:

Basic Qualifications

• Working knowledge of infrastructure-as-code and CI/CD pipelines tools (i.e. Jenkins, Teamcity, CircleCI etc..)
• Lead and participate in major day-to-day operational aspects of the security engineering team including improvement of current security controls while constantly identifying areas of needed improvement
• Deep hands-on security experience with cloud providers, such as AWS, GCP, Azure
• Understanding of automated security testing approaches and tools
• Experience with proactive integration of security into the development process
• Lead continuous improvement efforts of out security tools and systems (Concertation on SIEM, IDS, EDR Tools)
• Work with our customers (Security Operations, Incident Response, and Product teams) to incorporate high quality security alerting into their operational workflows
• Improve overall security practitioner efficiency through process automation
• Foster and promote collaboration among all members of the IT, Infrastructure, and Risk Management Departments.

Minimum Qualifications/Requirements

• BS or MS in Computer Science or related field
• Minimum 7+ years of cybersecurity experience
• Must have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
• Experience in deployment, development, and maintenance of SIEM
• Experience writing and using Ansible server administration scripts, and create simple Python, BASH, or Powershell scripts to automate cybersecurity functions
• Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
• Experience with managing endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
• Understanding the investigative process and performing triage for cybersecurity incidents
• Experience maintaining industry leading security technologies or infrastructure systems in complex technical IT operations environment
• Must be detail-oriented and organized with ability to handle competing demands while meeting deadlines
• Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
• Proactive and motivated; team player with a positive can-do attitude
• Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
• Ability to communicate technical concepts to a broad range of technical and non-technical staff
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).

About the Role

Dremio’s SREs ensure that our internal and externally visible services have reliability and uptime appropriate to users' needs and a fast rate of improvement. You will be joining a newly formed team that will spearhead our efforts to launch a cloud service. This is an opportunity to join a very fast growth startup and help build a cloud service from the ground up.

Responsibilities and Ownership

• Ability to debug and optimize code and automate routine tasks.
• Evangelize and advocate for reliability practices across our organization.
• Collaborate with other Engineering teams to support services before they go live through activities such as system design consulting, developing software platforms and frameworks, monitoring/alerting, capacity planning and launch reviews.
• Analyze and optimize our core product by developing and implementing reliability and performance practices.
• Scale systems sustainably through automation and evolve systems by pushing for changes that improve reliability and velocity.
• Be on-call for services that the SRE team owns.
• Practice sustainable incident response and blameless postmortems.

Qualifications

• 6+ years of relevant experience in the following areas: SRE, DevOps, Cloud Operations, Systems Engineering, or Software Engineering.
• Excellent command of cloud services on AWS/GCP/Azure, Kubernetes and CI/CD pipelines.
• Have moderate-advanced experience in Java, C, C++, Python, Go or other object-oriented programming languages.
• You are Interested in designing, analyzing and troubleshooting large-scale distributed systems.
• You have a systematic problem-solving approach, coupled with strong communication skills and a sense of ownership and drive.
• You have a great ability to debug and optimize code and automate routine tasks.
• You have a solid background in software development and architecting resilient and reliable applications.