Senior-AVP/ Information security

• Solid experience in designing, implementing, and securing cloud environments, including services such as EC2, S3, RDS, IAM, VPC, and CloudTrail.
• Strong understanding of DevOps methodologies and experience with CI/CD pipelines and tools (e.g., Jenkins, GitHub, SonarQube).
• In-depth knowledge of cloud security best practices, industry standards, and compliance frameworks (e.g., NIST, CIS, ISO 27001).
• Proficiency in scripting languages such as Python, Bash, Groovy.
• Experience with Infrastructure-as-Code (IaC) tools like AWS CloudFormation or Terraform.
• Familiarity with security scanning and monitoring tools, such as AWS Security Hub, GuardDuty, Inspector, or third-party solutions.
• Strong understanding of network security concepts, including firewalls, VPNs, and secure network architectures.
• Knowledge of secure coding practices and experience with application security testing tools (e.g., SAST, DAST, fuzzing, and secure coding patterns).
• Excellent problem-solving skills and ability to work collaboratively in a team-oriented environment.
• Participate in incident handling and other related duties to support the information security function.
• The ability to learn and apply new concepts quickly
• Strong written and oral communication skills

• Minimum of 5+ years of experience in IT industry at VMware NSX Design/Implementation Projects.
• Minimum 3+ years of experience in industry leading load balancer and security products (Mandatory)
• Should have solid hands-on experience in VMware Avi, NSX V and/or NSX-T.
• Hands on installation and configuration experience with Base NSX-V & NSX-T Components, VTEP's, Load Balancer, LB Rules, Security components, etc.
• Strong understanding of and experience in TCP/IP, DNS, Http, SSL, DHCP.
• Proficiency in vSphere products and technologies like HA, vMotion, DRS, and Update Manager, Administration, etc would be a plus.
• Exposure to enterprise class architecture or implementation with suite of VMware products including vCenter, vSphere, SAN, RAID, Clustering, Consolidation, Load Balancing, etc.
• Troubleshooting and Debugging of VMware Architecture related issues.
• Strong understanding of Linux/Windows servers.
• Good to have some knowledge in vRA/vRO.
• Good to have Any Automation Experience with PowerShell/Python/Bash/Ansible and basic knowledge of VMware API’s.
• Good to have some knowledge of Kubernetes and Dockers.
• Succeed in a team environment.

The Incident Response Senior Principal Analyst leads a team of experts with diverse skill sets across areas such as Security Operations Center (SOC), Forensics, and other applicable technical Subject Matter Expert (SME) resources. The IR Senior Principal Analyst is specifically tasked with managing all aspects of an Incident Response engagement to include incident validation, monitoring, containment, log analysis, system forensic analysis, and reporting. The IR Senior Principal Analyst is also responsible for developing and sustaining strong relationships with our clients, and client’s counsel to ensure the engagement’s objectives and expectations are met and executed successfully as documented in the statement of work. The incumbent of this role should display a strong foundation of technical expertise in Cybersecurity, Incident Response, and Digital Forensics to successfully execute the responsibilities associated with this role.  

ROLES AND RESPONSIBILITIES

• Supports the management of the technical aspects from client setup and kickoff to supporting the reporting process.
• Co-leads project scoping calls to accurately collect information from the client concerning the incident to include but not be limited to the client’s environment, size, technology, and security threats. Responsible for capturing all client’s expectations and objectives throughout the engagement to ensure successful engagement delivery.
• Organize and maintain an inventory of requests sent to the client to include at a minimum public IP ranges, requested information (including systems for collection), collected logs, systems Skadi or full systems, and any other requested made of the client by Arete or counsel.
• Works directly with the client and other Arete team members to preserve and collect artifacts for forensic analysis.
• Engages in communications with the TA for negotiation and recovery of decryption keys or manages the ransomware specialist team.
• Ensures deadlines are met and timely update meetings are established with client and counsel.
• Responsible for quality control over the budget of engagement and proactively identifying the need for addendums for engagements. Discusses with counsel before provided addendum.
• The main point of contact who manages and participates in all communications with the client and client’s counsel during the engagement. Assists with the development of communications.
• Supports the management and coordination of all technical efforts for the IR engagement to drive the process forward through; tool deployment, ransomware decryption, restoration, and recovery efforts, system rebuilds, system, application, and network administration tasks. 
• Coordinates with the Ransom Specialist when ransom negotiations are needed. Ensures updates regarding ransom status are delivered to the client and counsel in a timely fashion.
• Manages and coordinates the onsite efforts with the Onsite Lead or team ensuring they understand and can execute the objectives for the onsite work. Additional responsibilities with onsite efforts include ensuring communications are frequent and getting the daily onsite update communicating these back to the IR Director and/or IR Ops Associate for their Tiger Team.
• Co-manages restoration team when engaged with the client for recovery of systems, data collection, and SentinelOne (S1) deployment.
• Partners with the Forensic Lead to coordinate additional data collection requests pertinent to the investigation.
• Communicates in tandem with the Forensic Lead relevant findings to the client during the investigation.
• Designs and executes a strategy to install S1 and live response data within the SLAs set by Arete.
• Manage the SOC for accurate reporting of S1 metrics from threats to checked-in systems based on the need from the client.
• Follows up with the SOC Lead on SentinelOne alerts and encourages/coordinates client participation with the product. 
• Organizes the updates for client and counsel and acts as the "quarterback" for leading update calls when prompted by counsel; maintains an organized and methodical approach for providing updates from negotiations, system restoration, data collection forensics, and closeout. Accountable for final report review, ensuring the report is accurate, professional, and meets the objective of client counsel.
• Can troubleshoot instability issues within infected operating systems and stabilize the system for continued recovery.
• Cross trains across the IR services within SOC, IR Lead, Forensics, and Restoration.
• Supports peers and IR Directors within the engagement lifecycle. Familiarizes oneself with the negotiation tactics and communications with threat actors.

• Other duties as assigned.

DISCLAIMER

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required personnel so classified. 

SKILLS AND KNOWLEDGE

1. Experience delivering consulting engagements in a fast-paced environment
2. Experience leading scoping calls
3. Strong background and practical hands-on experience with Windows or Linux System and Network Administration, Security DevOps, Incident Response and Digital Forensics, or Security Engineering
4. Practical experience performing in a functional role including but not limited to one or more of the following disciplines: computer forensics, Incident Response, data analytics, Security Operations, and Engineering, Digital Investigations
5. Knowledgeable of collection methodologies and tools.
6. Comfortable working within various OS including Windows, Linux, and OSX
7. Organized communications and notes
8. Communicates clearly and concisely
9. Generally knowledgeable of the multiple services that comprise an IR investigation
10. In-depth knowledge of the ransom negotiation process and details it accordingly to clients

Job description – Information Security (Network)

Roles and Responsibilities

Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

Work profile of individual

• As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
• Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
• Will be an active participant in internal / third party system security reviews and audits on customer engagements
• Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
• Will be responsible for implementation of new projects under Information Security Domain
• Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
• Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
• Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
• Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
• Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

Team work

• Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
• Individual would predominately work with off-shore engagement teams and relevant  teams on presale and cyber security delivery.
• Communication, written and verbal, with these teams would be expected.
• Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
• Team members would be required to handle multiple tasks at the same time.
• Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

• Bachelors
• Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
• Experience : 3-5 years
  
  

Knowledge Required:

• Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
• Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
• Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
• Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
• Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
• Good knowledge on Privacy, Governance and reporting
• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
• Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

Additional Responsibilities:

• Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management

TIKAJ is seeking a passionate person who is ready to kickstart his/her cybersecurity career. Security Analyst is your first step to a brighter future as a cybersecurity expert.

• Respond and take enforcement actions on cyber security incidents
• Monitor user activity, network events, and signals from security tools to identify events.
• Categorize alerts and other anomalous activities that represent real threats.
• Remediate attacks and Triage on general information security tickets.
• Collect data for more analysis, evaluate the attack, identify the root of the attack, and implement required security actions to counter the attack.
• Responsible for investigating and generating reports on information security issues.

• Who are motivated, self-learning, and team-oriented individuals?
• Have a degree in computer science or a related field.
• Who have beginner to intermediate level experience in Python
• Who has an interest in Cyber security, phishing, cyber laws and enforcement
• Good is written and verbal communication.

Job Description:

We are looking for a Technical Content Writer with 2-5 years of experience in producing high-quality documentation that can contribute to the overall success of our products. The selected candidate will work collaboratively with developers, quality assurance engineers, product managers, and usability experts to make our products easier to understand and use.

Job Responsibilities:

• You will be responsible for authoring tasks, creation, and integration of printed or electronic end-user documentation
• Document ongoing software developments in applications, products, and services
• Develop user guides, technical specification documents, online help files, API documents, feature description documents, How-To articles, and other ad hoc documentation deliverables
• Contribute to process improvements for enhancing efficiency
• Demonstrate ability to communicate effectively with developers and SMEs to gather knowledge on functional requirements
• Create tutorials to help end-users use a variety of applications
• Create and maintain the information architecture
• Provide estimates about documentation tasks to the Scrum Master
• Provide technical documentation for newly developed features on time and as per the defined quality standards

Required Skills:

• 2 - 5 Years of Relevant experience in the field of technical documentation
• Knowledge of end-user documentation/product documentation/technical documentation
• Excellent technical writing skills
• Creative conceptual thinker
• Impeccable command over grammar with excellent communication skills
• Proficient in working with an XML editor, authoring, and other graphics-related tools like SnagIt, Visio, etc