Security compliance engineer

Job Description: SOC Manager

ESSENTIAL RESPONSIBILITIES          

•      Leadership & Team Management: Leads the SOC team providing clear direction, fostering teamwork and collaboration. Regularly assesses the strengths and weaknesses of team members, providing mentoring, coaching, and opportunities for growth. Hands-on execution across operational challenges, making decisive judgments while ensuring high morale and cohesion.

•      Incident Management: Ensures that all security events and incidents are identified, categorized, and responded to promptly and thoroughly. This includes setting up appropriate escalation processes, coordinating between various teams for cross-functional incidents, and ensuring that incidents are closed with comprehensive documentation and lessons learned.

•      Continuous Improvement: Regularly reviews and analyzes the efficiency of the existing operations processes, tools, and protocols. Implement changes based on findings, feedback from the team, and changing threat landscapes. This also involves staying updated with advancements in SOC technologies and methodologies.

•      Technology Management: Oversees the implementation, configuration, and continuous tuning of various security tools, including the client’s Security Platform.

•      Training and Development: Designs and implements a continuous training plan for the existing and new SOC team members, ensuring they have the latest skills and knowledge and are onboarded and productive as quickly as possible. This also involves organizing periodic simulation exercises (like red teaming) to test and improve incident response capabilities.

•      Reporting: Establishes a comprehensive reporting framework that offers insights into the SOC's performance. This includes metrics on incident volumes, response times, and resolution success rates.

These reports should be presented to stakeholders clearly, actionable, highlighting successes and areas for improvement.

REQUIRED EXPERIENCE

•      Minimum of 6+ years in cybersecurity roles with at least 3 years in a SOC leadership position.

Experience in an MSSP or a large-scale global SOC is highly preferred.

•      Experience in actively managing the lifecycle of security incidents.

•      Strong knowledge and familiarity with major cloud provider technologies (AWS, Azure, etc.)

•      Solid understanding of networking protocols and infrastructure designs, including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.

•      Experience with virtualization technologies (VMware, Microsoft Hyper-V).

•      Experience with the following tools and technologies:

–     Security Information and Event Management (SIEM)

–     Intrusion Detection & Prevention (IDP) 

–     Endpoint Detection & Response (EDR)

–     Network Detection & Response (NDR)

–     Network Analysis tools - Wireshark, tcpdump, etc. 

–     Scripting in Python, Bash, PowerShell

•      Experience in regulated environments such as HIPAA or PCI preferred.

•      Strong governance skills in time management, project management, and stakeholder management.

•      Excellent communication skills, with ability to lead security-reviews with clients; keep stakeholders appraised of key issues/risks/incidents.

PREFERRED CERTIFICATIONS

•      CISSP – Certified Information Systems Security Professional

•      CISM – Certified Information Security Manager

•      OSCP – Offensive Security Certified Professional

•      CEH – Certified Ethical Hacker

•      GSEC – SANS GIAC Security Essentials

•      CompTIA – Security

OTHER REQUIREMENTS

·      Flexibility of schedule is required to meet the demands of the position.

·      This role requires to work in shifts (including night shift) and support clients in North America.

To us, a Technical Interviewer is a go-to person for technical interviews for any technology. This means that your duties will involve conducting technical interview rounds of candidates having a technical background of any kind.

The job of a Technical Interviewer is important to business success. Hiring the right talent is our most critical point and a vital aspect of a complete Technical Interviewer’s job description and specification.

• Own full technical recruitment process including interviews, feedback, and building talent pipelines
• Identify the right talent for the organization
• Train and mentor new and existing interviewers
• Identify the gaps in the interview process and work on solutions
• Maintain a healthy candidate experience and build the employer brand
• To be up to date with new technologies
• Participate in various coding and technology-related challenges to gain knowledge 
• Nurture a positive working environment
• Have a strong sense of ownership for assigned tasks and a willingness to go the extra mile when needed
• Is an effective communicator who can establish rapport with people at all levels

• Bachelor's Degree in BSc/BE/BTech in Computer Science, Engineering, or a related field
• General programming skills in languages like Java, Javascript, Ruby or equivalent.
• Proven working experience in the same profession or as a trainer 
• People-oriented and results-driven
• The ability to work as part of a team
• Strong analytical and problem-solving skills
• Excellent administrative and organizational skills
• Effective communication skills
• Proven hands-on Software Development experience

At Upswing, we are committed to building a robust, scalable & secure API platform to power the world of Open Finance.

We are a passionate and self-driven team of thinkers who aspire to build the rails to connect the legacy financial sector with financial innovators through a simple and powerful banking-as-a-service (BaaS) platform.

We are looking for motivated engineers who will be working in a highly creative and cutting-edge technology environment to build a world-class financial services suite.

About the role

As part of the DevSecOps team at Upswing, you will get to work on building state-of-the-art infrastructure for the future. You will also be –

• Managing security aspects of the Cloud Infrastructure 
• Designing and Implementing Security measures, Incident Response guidelines 
• Conducting Security Awareness Training
• Developing SIEM tooling and pipelines end to end for vulnerability/security/incident reporting 
• Developing automation and performing routine VAPT for Network and Applications
• Integrating with 3rd party vendors for the services required to improve security posture 
• Mentoring people across the teams to enable best practices 

What will you do if you join us?

• Engage in a lot of cross-team collaboration to independently drive forward DevSecOps practices across the org 
• Take Ownership of existing, ongoing, and future DevSecOps initiatives 
• Plan and Engage in Architecture discussions to bring in different angles (especially security angles) to the table
• Build Automation stack and tools for security pipeline 
• Integrate different security measures and pipelines with the SIEM tool
• Conducting routine VAPT using manual and automated workflows, generating and maintaining the report for the same
• Introduce and Implement best practices across teams for a great security posture in the org

You should have

• Curiosity for on-the-job learning and experimenting with new technologies and ideas
• A strong background in Linux environment
• Proven experience in Architecting networks with security first implementation
• Experience with VAPT tooling for Networks and Applications is required 
• Strong experience in Cloud technologies, multi-cloud environments, and best practices in Cloud 
• Experience with at least one scripting language (Ruby/Python/Groovy)
• Experience in Terraform is highly desirable but not mandatory
• Some experience with Kubernetes, and Docker is required 
• Understanding Java web applications and monitoring them for security vulnerabilities would be a plus 
• Any other DevSecOps-related experience will be considered

• Writing in-depth user guides, release updates, product descriptions for the company's suite of products and solutions
• Writing for a variety of audiences, from non-technical end-users to programmers, system administrators, and integrators
• Overseeing peer editing and production review work
• Integrating use case and functional data into user documentation and examples

Desired Candidate Profile

• 3+ years of technical writing experience
• Strong written and verbal communications and experience working with content in multiple mediums
• Experience working cross-departmentally to communicate the nuts and bolts of a product
• Strong experience owning an end-to-end documentation creation process
• Excellent attention to detail and the ability to prioritize and work on multiple projects in a fast-paced, changing environment
• A positive attitude, willingness to jump in and tackle new challenges
• Experience working with the following tools preferred: Confluence/JIRA, Git & Github, HTML, CSS, Jinja, JavaScript, Python, Postman, etc    

Designation: Technical Recruiter

Location: Indore (M. P.)

Duration : Full time

Roles and Responsibilities

• Should have experience of various job portal like Naukri.com, LinkedIn, Monster etc.
• Should have min 6 month  - 5  yrs. of experience in in -house / international recruitment.
• Sound understanding of all technology like ROR, React JS,  Java, .Net, PHP, Python, Android / Mobile development etc.
• Must be excellent in communication skills oral and written.

• Must have good exposure working in SOAR (Security, Orchestration, Automation, Response)
• Strong knowledge in End user/ point security.
• Good hands on Cyber security like SIEM, IAM, PAM.
• Sound Knowledge into automated incident management using Demisto (or similar technology)
• Hands on creating playbooks in Python Scripting.