Senior Engineer- Cyber Security & Risk assessment

We are looking for a motivated Information Security who is a self-starter, has an eye for detail, is analytical in approach, loves solving problems, and someone who can take initiatives to build and improve the company’s information security, identify risks and act on the required changes quickly.

What you will do:

• Develop efficient strategies to protect the system, the networking infrastructure, data, and information systems against potential threats/cyber risks
• Routinely performing threat analysis, system checks, and security tests
• Defining and updating information security criteria and validation procedures
• Effectively discuss to understand safety and security and fix the problems along with different stakeholders
• To be a security representative or point of contact for all technical deliveries, initiatives, and project implementations.
• To develop technical processes and procedures and promote compliance in line with regulations, corporate policies, or standards as per ISO27001
• Assess technical security risks in terms of impact to systems and service confidentiality, integrity, and availability, and report and escalate results of risk assessments.
• Report any real or potential security breaches/vulnerabilities to various stakeholders and provide technical support during incident response
• Monitor security tools to detect security events & incidents Report and escalate any security breaches to the Information Technology Security Officer
• Operate vulnerability scanning and compliance tools to identify system weaknesses
• Represent IT Security matters at technical and business forums

Requirements:

• 3-5 years of relevant experience in the information security field.
• Team handling/Mentoring experience
• Relevant experience working with ISO Policies, GDPR guidelines.
• Strong knowledge of network architecture and security concepts related to routing
• Exceptional attention to detail
• Excellent analytical and problem-solving skills
• Great team player and able to work efficiently with minimal supervision
• Excellent communication skills, both written and verbal, work with the different stakeholders on strengthening the security risks
• Able to handle and cope with stressful situations and understands the pressures of a start-up environment.

**Job Description:**

1. We are looking for at least 3 to 6 years of experience and have infosec certifications CISSP ,Data Security ,CISA,Cloud security,Security montioring&incident response,ECSA, or relevant proven experience in Setting up ,executing Infosec processes for organisations using policies and technologies.

2. Must have understanding and experience in SaaS technology and setting & enhancing up infosec policies and controls to secure cloud infra,data of saas ,IT infra, Code practices. with respect to NIST,SOC2,ISO 27000 series,CIS, MITRE,GDPR,OWASP,SANS frameworks.

3. Specialized on GRC (to carry required compliance certifications one by one needed for SaaS )as well as able to do ground work with respect to technical Setup, execution of the infosec related controls & activities such as Vulnerability assessment, SIEM & incident response, Cloud security, Data security in SaaS with respect insider data theft and outsider exploitation, code security ,pen testing and able to present it to management etc.

• Participate and collaborate with the users, business analyst, quality assurance/quality control analyst in the gathering of user requirements and specifications.
• Analyze technical and business requirements and translate these into basic and detailed technical design.
• Participate and conduct feasibility study, research and development, prototyping and proof of concept (PoC) in implementing new/existing systems, solutions and processes.
• Participate in the technical and project documentation such as but not limited to functional, system and technical design, requirements and specifications.
• Develop, customize, enhance, fix and maintain codes, applications and systems.
• Create test scenarios and data and conduct or participate in non-functional and functional testing (e.g., unit testing, system testing, integration testing, etc.).
• Document, analyze and report test results.
• Develop and review codes, programs and configurations to verify consistency and conformance with established programming and industry standards, guidelines, policies and practices.
• Conduct incident and problem analysis, data gathering, investigation and resolution of issues, and provide technical consultancy, assistance and support.
• Deliver the required systems/applications/solutions on time and based on agreed budget and specifications.
• Identify, assess and recommend opportunities for application and process improvement.
• Prepare reports, manuals and other documentation on the status, operation and maintenance of software.
• Provide regular and effective progress updates to the project manager/team lead/supervisor/immediate manager.
• Actively participate in and lead the peer review and status meeting to communicate progress and escalate risks and roadblocks.
• Prepare training materials and provide assistance in conducting the training to users or other members of the team.
• Responsible for the information security by protecting confidential information from unauthorized access, ensuring the integrity of the information and information system, taking appropriate measures to manage security risks and following and complying with the laws, legislations and terms of contracts.
• Perform other duties as assigned, if necessary.

Hiring for Lead Auditor (QMS / ISMS) role.

Job description Below :

• Preparation Dept. Objective reports.
• Preparation of Internal Audit Schedule & Coordination /opening meeting and closing meeting.
• Follow up for Internal Audit closing of Observations.
• Preparation of Management review meeting Input & Output reports.
• Coordination Certification Audit and Surveillance (TUV-SUD) Audit for ISO 9001:2015 and ISO 27001:2013.
• Follow up for closing of Observations.
• To update QMS & ISMS Manual, Procedures, Policies, Risk Assessment Plan, SOA & Formats.
• Internal Audit of ISO - QMS & ISMS standards.

Job Title: QA Associate 

Job Description:

1. Responsible for Implementing, controlling and monitoring quality management system documentation (ISO 27001) and data privacy (SOC2).
2. Coordinate improvement in the system through output from audit, management review, and responsible to close NC’s during audits.
3. Knowledge of SAMD (Software as Medical Device) SaaS product, processes and procedures.

3-5 years of relevant experience in Medical Devices Industry.

Area of Expertise:

• To generate, implement and maintain internal quality procedures and systems to comply with ISO 27001, SOC2 standards
• Maintaining and updating various documents like internal docs log, external log, , Obsolete docs log, DCN, ECN, CAPA, SQA/IQA log, product complaint, equipment log
• Maintaining Engineering documents like part specs, Bill of materials, Drawings, Design review documents etc
• Co-ordinate and conduct periodic internal audits of various functional groups of an organization and drive compliance to QMS.
• Manage all documentation related to internal and external audit.
• Manage all the documents related to supplier qualification and coordinate Supplier’s audit and maintain the supplier file.
• Experience in Handling of CAPA (Corrective & Preventive Actions) & Product Complaints
• Co-ordination of Management Review Meetings & its action items implementation

Experience Required:

• 3-5 years of relevant experience in Medical Devices Industry.
• Educational Qualification – Diploma/Engineering graduate, preferably Computer Science or related.
• Ability to read and understand standard requirements independently.
• Good teamwork, communication and interpersonal skills. A demonstrated commitment to company values
• Good understanding of design control, and post marketing processes
• Knowledge of FDA / EU / Indian & other national regulations is an added advantage.
• Working knowledge of an e-QMS is an added advantage.

• Python with Powershell (who worked in Security related product Development(First Pref)/Networking.

Key Responsibilities

• Collaborate in the design, implementation, and deployment of successful software applications in support of our Threat management platforms.
• Developing backend components to enhance performance and receptiveness, server-side logic, and highly responsive web applications.
• Performance tuning and automation of application.
• Enhancing the functionalities of current software systems.
• Understand system interdependencies and limitations.
• Functionally decompose complex problems into simple, straightforward solutions.
• Rightly estimate the task and take ownership of building production-ready software solutions.
• Collaborate with other teams to implement features based on business rules and visual design.

Minimum qualification & experience

• Engineering graduate.
• 4 years of demonstrated professional experience in delivering and operating large-scale applications.
• Strong software development skills in python including python frameworks like Django, Flask, etc.
• Experience with software development, Web frameworks and database technologies, e.g., REST APIs, and automated scripts.
• Experience with current development technologies, methodologies and workflows including CI/CD, Docker, Git, and Jenkins preferred.
• Experience with microservice development and dockerized application development is a PLUS.
• Strong knowledge of data structures, algorithms, operating systems, and distributed systems fundamentals.
• Working familiarity with networking protocols (TCP/IP, HTTP) and standard network architectures.
• Working familiarity with basic Linux administration.
• https://ind01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcybersecurityguide.org%2Fcareers%2F&;data=05%7C01%7Cmadhvi.1%40neweraindia.com%7C71e5f8231a514be638bf08da656eee89%7Cc04e2addbf474beabf38e722114ec31f%7C0%7C0%7C637933824369629597%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5ezbPi2xWTVZVsmDSzinf6eC37Mr6zWQpfivsSWa1A0%3D&reserved=0" target="_blank">Experience in the cybersecurity field especially with threat intelligence or security orchestration is a plus.

B. Aims & Goals:

You are required to work with all departments at Pelican to implement, enhance and improve ISMS, GDPR and ISAE 3402 processes. You will also be closely working with external auditor as well as top management for status and reporting.

C. Key Responsibilities:

Your primary responsibilities include:  Assist in audit planning, including the identification of processes for audit review.   Execute internal audit assignments for all locations in India, US, UK and NL. Review the effectiveness of the controls.   Identify and document audit issues and opportunities for improvement.  Prepare the audit report for internal audit assignments and discuss audit findings with senior management.   Monitor and maintain the CAPA program. Assist with follow up corrective actions and oversee timely completion.  Facilitate independent audit engagements on behalf of the company.  Assist to develop and implement process improvements and best practices across the business unit. Review policies and procedures for all areas of the business.  Develop new policies and procedures as directed or required, to improve and to collect and analyse data for review with internal stakeholders.  Take responsibility for the management and execution of internal audit assignments, production of audit reports and management of follow up actions  Involved with working across all areas of the business to ensure that processes are documented and compliant to the company’s requirements.

D. Experience level & Qualification:

a. Experience Level  4 to 5 yrs

b. Educational background  B.E / B.Sc / B.com / Bachelor’s Degree  Holds ISO 27001:2013 Certification

E. Essential Skills:  Should have participated in ISMS (ISO 27001:2013) implementation and certification process.

• The role will be part time (15-20 hours per week) with scheduled weekend availability.
• LINC Fellows will be “actively engaged” when a unit (subject) is assigned. A unit will range from 7 to 14 weeks at a time.
• LINC Fellows are required to provide 2-3 hrs each afternoon (between noon to 5pm) every day when they are supporting students.
• Candidate will have flexibility to work from location of his/her convenience.

• Interacting with high-quality global university faculty
• Working with a diverse range of international students
• Developing deeper subject understanding
• Gaining richer academic exposure
• Improving interpersonal and cross-cultural skills

• PG/Doctoral degree with distinction or first-class from a top university in India
• 5-10 years of corporate experience and/or teaching experience in the fields like Marketing, Finance, Operations, Organization/HR, Data Analytics, Project Management, Strategy and Ethics at a leading university or college (note: at least 1 year formal teaching experience at a university of college is a MUST).
• Empathetic, ambitious, warm and outgoing personality willing to work closely with people from diverse culture
• Proficient in English language
• Must possess a working laptop and have access to high-speed (>2 MBPS) stable internet connection
• Ability to quickly learn and use technology platforms for interacting with student including host university’s Learning Management System and LINC's technology platform (training on these platforms will be provided)