Security Engineer

Hi,
Intuitive (http://www.intuitive.cloud/">www.intuitive.cloud) is one of the fastest-growing Cloud & SDx Engineering solution and services companies supporting 80+ Fortune 1000 Global Enterprise customers in the Americas and Europe. Intuitive is a recognized professional & managed services partner for core superpowers in Cloud (Public/Hybrid) Adoption/Migration & Transformation, Cloud Security, GRC, DevSecOps, SRE, Data, Application Modernization / Containers/K8s-as-a-Service and Cloud Application Delivery
FTE (permanent)
100% Remote opportunity 
Time-6 pm to 3.00 am(IST)
Role: Azure Network & Security Architect JD:

Must have:

Strong understanding of data center network and security architecture with products like Cisco switches/routers, Arista/juniper switches/routers, Palo Alto/Cisco/Fortinet firewalls, proxy, DNS etc Strong understanding of overall Azure cloud infrastructure, network and security architecture. In-depth understanding of Azure Networking components/services like vnet, vnet peering, udr, SDR, express route, NVA, load balancers, endpoints,vWAN, virtual Network gateways, Network watcher, Azure network function manager, CDN, Private link, traffic manager etc In-depth understanding of Azure Security components/services like Azure firewall, Azure firewall manager, Azure front door, WAF,  NSG, Internet analyzer, Bastion, Defender, Key Vault, Sentinel etc Strong understanding of how to securely interconnect multiple cloud accounts, on-prem servers, etc. Expertise in automation tools such as Terraform/Jenkins/Powershell/Ansible/Azure CLI etc. Strong understanding of How to protect Azure Cloud-based infrastructure, including distributed denial-of-service (DDoS) attacks, phishing attacks, and threats involved. content classification etc

Good to have: Sound understanding of GCP and AWS cloud network and security architecture Sound understanding of F5 load balancers/LTM/GTM, AFM, ASM, APM etc

If Your profile matches to the requirements share your anithadotkatintuitivedotcloud
Regards,
Anitha. K
TAG Specialist

Position Title: Manager – Security Operations Organization /Function: Manager is responsible for day to day operational and project delivery for a set of customers Relevant Experience: 10+ years of experience in security area and at least 2 years as Security manager Educational Qualification: BE/B.Tech/ME/M.Tech/Graduate/Master in any stream with excellent academic record

Must-have Skills: • Must know common security policy frameworks and possess knowledge of how security programs are run at mid to large scale companies • Must have managed a team to deliver “Managed Security Service” or “Security Operations Center” • Prior working Background in either SIEM tools (Splunk, ArcSight, QRadar, DNIF etc.) or Vulnerability assessment and Management tool (Qualys/Rapid7) and process • Has broader context and understanding of managed security services • Must have service mindset and empathy. Must deal with a level of ambiguity, chaos and apparent stubbornness from customers, and manage around it by thinking through the issue or request from the customer’s perspective to drive to a reasonable conclusion • Must have prior experience on Project Management • Must have prior experience of onsite-offshore delivery model and should have directly worked with US/European customers or colleagues • Must have ITIL process knowledge

Roles and responsibilities:

- Audit the current Information Security system and procedures and do a Gap analysis

- Identify immediate potential Information Security Risks and manage remediation tasks through to closure

- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap

- Design high-quality test plans and direct Data/Information security control test activities

- Continuously improve Octro Data/Information security control framework

- Maintain handbook pages and procedures related to Information security compliance

- Identify opportunities for Information security compliance control automation, execute them and then maintain

- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments

- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs

- Direct and support external audits as and when necessary

Requirements

- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs

- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.

About Octro Inc :

We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.

Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.

• Working closely with the external auditors to achieve common goals
• Conducting Enabling Service Audit (HR, Admin, IT) once in 6 months for the verification of ISMS & QMS Standards
• Performing ISMS and Internal Audit
• Being part of the external Audits (ISMS, QMS & CMMI)
• Managing of implementation of ISMS

Desired Candidate Profile

• Strong communication and team building skills with proficiency at grasping new technical concepts quickly and utilizing the same in a productive manner
• Experience in ISO27001, Internal Audits, CMMI    

Responsibilities:

The Senior Information Security Engineer is responsible for the implementation, execution and maintenance of technology solutions to mitigate risk, to protect the IT and Engineering environments by reducing the probability of, and to minimize the effects of, damage caused by malware, malicious activities and security events.

The individual will help protect the company by deploying, tuning, and managing security tools across the computing environment, as well as provide security incident response cycle support. They should have a passion and skills for identifying the latest cyber threats. The individual will:

Basic Qualifications

• Working knowledge of infrastructure-as-code and CI/CD pipelines tools (i.e. Jenkins, Teamcity, CircleCI etc..)
• Lead and participate in major day-to-day operational aspects of the security engineering team including improvement of current security controls while constantly identifying areas of needed improvement
• Deep hands-on security experience with cloud providers, such as AWS, GCP, Azure
• Understanding of automated security testing approaches and tools
• Experience with proactive integration of security into the development process
• Lead continuous improvement efforts of out security tools and systems (Concertation on SIEM, IDS, EDR Tools)
• Work with our customers (Security Operations, Incident Response, and Product teams) to incorporate high quality security alerting into their operational workflows
• Improve overall security practitioner efficiency through process automation
• Foster and promote collaboration among all members of the IT, Infrastructure, and Risk Management Departments.

Minimum Qualifications/Requirements

• BS or MS in Computer Science or related field
• Minimum 7+ years of cybersecurity experience
• Must have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
• Experience in deployment, development, and maintenance of SIEM
• Experience writing and using Ansible server administration scripts, and create simple Python, BASH, or Powershell scripts to automate cybersecurity functions
• Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
• Experience with managing endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
• Understanding the investigative process and performing triage for cybersecurity incidents
• Experience maintaining industry leading security technologies or infrastructure systems in complex technical IT operations environment
• Must be detail-oriented and organized with ability to handle competing demands while meeting deadlines
• Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
• Proactive and motivated; team player with a positive can-do attitude
• Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
• Ability to communicate technical concepts to a broad range of technical and non-technical staff
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change

Experience: 6+ years

Location: Pune

Lead/support implementation of core cloud components and document critical design and configuration details to support enterprise cloud initiatives. The Cloud Infrastructure Lead will be primarily responsible for utilizing technical skills to coordinate enhancements and deployment efforts and to provide insight and recommendations for implementing client solutions. Leads will work closely with Customer, Cloud Architect, other Cloud teams and other functions.

Job Requirements:

• Experience in Cloud Foundation setup from the hierarchy of Organization to individual services
• Experience in Cloud Virtual Network, VPN Gateways, Tunneling, Cloud Load Balancing, Cloud Interconnect, Cloud DNS
• Experience working with scalable networking technologies such as Load Balancers/Firewalls and web standards (REST APIs, web security mechanisms)
• Experience working with Identity and access management (MFA, SSO, AD Connect, App Registrations, Service Principals)
• Familiarity with standard IT security practices such as encryption, certificates and key management.
• Experience in Deploying and maintaining Applications on Kubernetes
• Must have worked on one or more configuration tools such an Terraform, Ansible, PowerShell DSC
• Experience on Cloud Storage services including MS SQL DB, Tables, Files etc
• Experience on Cloud Monitoring and Alerts mechanism
• Well versed with Governance and Cloud best practices for Security and Cost optimization 
• Experience in one or more of the following: Shell scripting, PowerShell, Python or Ruby. 
• Experience with Unix/Linux operating systems internals and administration (e.g., filesystems, system calls) or networking (e.g., TCP/IP, routing, network topologies and hardware, SDN)
• Should have strong knowledge of Cloud billing and understand costing of different cloud services 
• Prior professional experience in IT Strategy, IT Business Management, Cloud & Infrastructure, or Systems Engineering

Preferred 

• Compute: Infrastructure, Platform Sizing, Consolidation, Tiered and Virtualized Storage, Automated Provisioning, Rationalization, Infrastructure Cost Reduction, Thin Provisioning
• Experience with Operating systems and Software
• Sound background with Networking and Security 
• Experience with Open Source: Sizing and Performance Analyses, Selection and Implementation, Platform Design and Selection
• Experience with Infrastructure-Based Processes: Monitoring, Capacity Planning, Facilities Management, Performance Tuning, Asset Management, Disaster Recovery, Data Center support

About Us!

A global Leader in the Data Warehouse Migration and Modernization to the Cloud, we empower businesses by migrating their Data/Workload/ETL/Analytics to the Cloud by leveraging Automation.

We have expertise in transforming legacy Teradata, Oracle, Hadoop, Netezza, Vertica, Greenplum along with ETLs like Informatica, Datastage, AbInitio & others, to cloud-based data warehousing with other capabilities in data engineering, advanced analytics solutions, data management, data lake and cloud optimization.

Datametica is a key partner of the major cloud service providers - Google, Microsoft, Amazon, Snowflake.

We have our own products!

Eagle – Data warehouse Assessment & Migration Planning Product

Raven – Automated Workload Conversion Product

Pelican - Automated Data Validation Product, which helps automate and accelerate data migration to the cloud.

Why join us!

Datametica is a place to innovate, bring new ideas to live and learn new things. We believe in building a culture of innovation, growth and belonging. Our people and their dedication over these years are the key factors in achieving our success.

Benefits we Provide!

Working with Highly Technical and Passionate, mission-driven people

Subsidized Meals & Snacks

Flexible Schedule

Approachable leadership

Access to various learning tools and programs

Pet Friendly

Certification Reimbursement Policy

Check out more about us on our website below!

www.datametica.com

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).

• Establish, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
• Work directly with the business units to facilitate risk assessment and risk management processes
• Develop and enhance an information security management framework
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Provide leadership to the enterprise's information security organization
• Partner with business stakeholders across the company to raise awareness of risk management concerns
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
• Conduct regular internal audits in compliance with applicable legal and contractual requirements, ISO 27001 and PCI DSS requirements and companies internal requirements
• Conduct regular Management reviews and update the management on information security aspects. The MRMs shall also focus on drawing Management attentions to the key areas for required management actions.
• CISO is also responsible to ensure customer audits as well as re-certification and surveillance audits and successful.
• Coordinate with relevant stakeholders to address the NC closures.
• CISO shall ensure the information incidents are responded and resolved on time to ensure compliance with legal and contractual requirements.

• Degree in business administration or a technology-related field required.
• Professional security management certification
• Minimum of 5 years of experience in a combination of risk management, information security and IT jobs
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and PCI DSS.
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Experience with contract and vendor negotiations and management including managed services.
• Specific experience in Agile (scaled) software development or other best in class development practices.
• Experience with Cloud computing/Elastic computing across virtualized environments.

Position: - Professional Service Consultant

Location: - Noida

Company: - Infinity Labs Ltd

Website: - http://www.infinitylabs.in">www.infinitylabs.in

Job Description: -

Desired Experience:

Providing remote support/ consultation on security domain who can work in a 24/7 environment and collaborate with customers and accounts teams to deliver seamless services to large enterprises.

Education:

BE in Computer Science or equivalent education/training/experience.

Key Skills:

• Excellent verbal and written communication skills.
• Strong consulting skills.
• Ability to multi-task and work in a fast-paced environment.
• Ability to be self-starting and manage multiple tasks at a given time.
• Ability to work individually and as a part of a team.
• Effectively handle multiple projects and deliver the right solution to the customer.

Technical Skills

• Advance understanding of internetworking, LAN, and WAN technologies.
• Experience with network, security solutions, and technologies leading security solutions in large environments.
• Expertise with Remote Access VPN solutions, IPSEC, PKI & SSL, TCP/IP, Authentication Protocols (LDAP, RADIUS etc.)
• Experience with troubleshooting skills related to networking, routing, IP, NAT, IPSEC VPNs and knowledge of how these interact with applications and users.
• Ability to independently debug broad, complex, and unique networks with mixed media and protocols required.
• Experience with installation, configuration and operation of Palo Alto Networks products.
• Experience working with a multi-factor authentication security system.
• Experience on the Endpoint security.
• Experience in Cloud technologies (AWS, Azure primarily, VMware NSX etc.)