Life is Short! Work Somewhere Awesome.
Mercer Talent Enterprise is hiring experienced Senior IT Security Professional.
Key Responsibilities
- Monitor, report, and protect the safety of the company data, and adherence the local and international security compliances
- Analyse security logs and alerts to identify and investigate threats.
- Conduct periodic vulnerability assessments and penetration testing to proactively identify weaknesses.
- Continually enhance the security posture of the company by frequent review and implementing measures.
- Lead and perform security control gap assessments against industry standards and security regulatory requirements to evaluate control design and operating effectiveness
- Stay up to date on the latest security threats and vulnerabilities
- Define, draft and communicate potential security control improvement opportunities and paths to address based on requirements and industry experience,
- Support regulatory examinations across EU, UAE, KSA, US. and international regulatory regimes in partnership with Security and other GRC functions by reviewing and evaluating requests, coordinating with stakeholders to collect and QA artifacts, and track outcomes of regulatory examinations performed,
- Partner with Security Risk and Security Policy functions to ensure that security controls are reflected properly in our Security Risk Review, Security Policy requirements, and other governance processes,
- Support Security Compliance, Information Security, and Engineering stakeholders in identifying and executing on continuous control monitoring opportunities,
- Work closely with control owners and internal and external auditors on control operation and related documentation
- Communicate progress, escalations, and issue resolutions to management and team stakeholders
- Create procedural documentation, including training materials that support how we support control owners in risk to control analysis, control narratives, and how we operate as a Security Compliance team in the form of runbooks for new processes.
Required Experience or Skills
- 4+ years of security, IT compliance (internal or external audit) or equivalent experience
- 2-4 years of technical cyber security experience, with hands-on experience in vulnerability assessment and/or incident response (e.g., SOC Analyst, etc.).
- A bachelor degree in Cyber Security, Information Systems, or a combination of education and experience.
- Security+ certification or GIAC/SANS certifications highly desired
- Knowledge and practical experience with policy and regulatory mandates such as COBIT, SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, CCPA, PCI-DSS and NIST Risk Management Framework and associated standards such as sp800-34, sp800-53, FedRAMP, CMMC, etc.;
- Prior consulting experience in Cybersecurity
- Prior experience working closely with auditors and/or external regulators
- Experience with compliance initiatives from start to finish
- Experience sourcing, interpreting, and reporting on data via data visualization tools
- Outstanding written and spoken communication skills
- Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with light supervision
You'll get:
- Competitive salary with health benefits
- An extremely energising, dynamic and fast paced entrepreneurial working culture and environment
- An opportunity to travel to international locations where our clients may be based
- Latest laptop, devices and technologies for your needs
- Unique and supportive opportunities to progress in your career
- On-going team and professional development
Where:
India - Remote
Subodh Popalwar
Software Engineer, Memorres
About Mercer Talent Enterprise
Mercer Talent Enterprise is a global leader in talent assessment, technology, and leadership development. As the world’s first and only company to pioneer the science of Behaviourmetrics®, we empower organizations to make critical people decisions by blending contemporary psychometric tools and assessment solutions with the latest advances in artificial intelligence and data science.
Similar jobs
Key Responsibility Areas:
Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex Web applications, operating systems, wired and wireless networks, and mobile applications/devices Delivering targeted and intelligence led security penetration testing through a robust testing methodology and process Craft and develop scripts, frameworks, tools, and the methods required for facilitating and executing sophisticated charges, emulating malicious actor behavior sought at avoiding detection Conduct security assessments on a wide variety of technologies and implementations Develop and maintain security testing plans Maintain and evolve a mature set of security penetration testing and internal Red Team processes covering all areas of technology Automate penetration and other security testing on networks, systems and applications Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for less experienced staff Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators Foster and maintain relationships with key stakeholders and business partners
Required Skills:
2 to 6 years of experience in information security with web application and network penetration testing experience Fluent in common cyber security domains such as cloud security, access control, encryption, identify management, security operations, application security, penetration tests, endpoint security, vulnerability management, threat intelligence Strong understanding of OWASP top 10.
Experience or knowledge of IT security risk assessments and gap analysis In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Hands on experience with testing frameworks such as the PTES and OWASP Experience of functional testing, UI/UX testing and manual testing, Load, Performance testing across multiple browsers and devices Hands-on experience in designing and writing test automation scripts using test automation frameworks and knowledge on API Testing Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud
Qualification: Masters/Bachelor’s Degree
Security (AM/Executive)
• To design the security infrastructure / policies for the organisation, implement & monitor the same
• To ensure security compliance with respect to recommendations received from government agencies like CEA, NCIIPC
• Design, review, implement & monitor IT security related controls as part of Internal
• Controls, IFC, ERM
• ISMS certification (ISO 27001) for IT systems; this will include preparation and periodic review of policies and SOPs, regular trainings and maintaining records in prescribed formats
• Conducting internal security audit and generating reports by deploying VA tools
• Periodic security/VAPT audits and implementation of the findings
• IT security related new initiatives like - Security Operations Centre (SOC), Security Information and Event Management (SIEM), cloud security, EMM-enterprise mobility management
• Creating IT Security awareness within the organisation
achelor of Engineering or Technology; or any degree on par;
· 12-15 years of Experience in security and similar areas solution/product development, design, etc
· Minimum 7-8 years of experience in an Enterprise or Cyber Security practice dedicated role
· Experience in Enterprise deployment of security with in depth knowledge of security, implementing security solutions and working closely with global customer accounts.
· Proficient with concepts like SOC, OWASP Top 10 etc
· Understanding of Enterprise Cyber security models like Mitre ATTACK and roadmap modelling.
· Excellent analytical and problem-solving skills to drive product development
· Excellent communicator, whether writing, speaking or presenting
· Experience gathering and analysing data to create useful metrics that support positive change
Job Responsibilities:
· Assist the Security Manager in developing and implementing security policies and procedures.
· Conduct regular security risk assessments and audits.
· Monitor security systems, including firewalls, intrusion detection systems, and access controls.
· Respond to security incidents and provide recommendations for remediation.
· Assist in managing user access and authentication.
· Provide security awareness training to employees.
· Maintain and improve endpoint security solutions (e.g. antivirus, endpoint detection and response).
· Collaborate with other departments to ensure security is integrated into all aspects of the organization's operations.
· Stay up to date on the latest security threats and industry trends.
Qualifications and skills:
· Bachelor’s degree in computer science, Information Security, or a related field.
· 4-5 years of experience in security-related roles.
· Knowledge of security systems and protocols.
· Familiarity with risk management frameworks.
· Knowledge of compliance regulations and standards.
· Excellent communication and interpersonal skills.
· Strong analytical and problem-solving skills.
· Ability to work independently and as part of a team.
· Attention to detail and accuracy.
Amazon Web Services (AWS)Role : Full-Time Individual Contributor (IC)
Reporting to : Solution Architect / Program Manager
Education : BTech/ BE / MCA / MSc Computer Science
Industry : Product Engineering Services or Enterprise Software Companies
About Us
CLOUDSUFI is a Silicon Valley-based specialist Data Engineering & Cloud Technologies player with top-tier clients, favorable revenue mix, strong financial performance, and robust management. We pride ourselves in helping in the Data Discovery, Insights and Monetization for organizations. We offer quality of work, opportunities to learn new platforms/technologies that will help young engineers put themselves ahead in their careers compared to their peers in the IT Services industry. CLOUDSUFI is a Data Science and Product Engineering company building Products/Solutions for Technology and Enterprise industries leveraging the advent of Cloud Hyper Scalers and AI/ML, NLP technologies. The organization is built to scale with strong external/ internal tech capabilities and governance standards. Started in 2019, CLOUDUSUFI is a family of 250 members working towards a common goal of making the enterprise data dance. To know more, please visit https://cloudsufi.com
ABOUT THE ROLE
InfoSec Engineers will participate in all phases of a typical DevOps pipeline: plan, code, build, test, release, and deploy. He/she will be scanning our networks, applications, and containers (images). In addition to the Vulnerability Management platform, this individual will support and/or serve as a backup for AWS WAF, Guard Duty, PagerDuty, and CloudFlair security platforms.
This Includes: ● Work independently with vendors and collaborate with colleagues ● -Experience on monitoring and operation of AWS cloud infrastructure ● -Experience with AWS automation tools Terraform ● -Analyzing, Troubleshooting and resolving issues with the cloud monitoring tools as Datadog and Cloudflare ● -The ability and skill to train other people in procedural and technical topics ● -Strong communication and collaboration skills
ABOUT YOU ● 3+ years’ experience with Tenable.io platform ● 3+ years’ experience with AWS orchestration via Terraform script ● 3+ years’ experience with CloudWatch/CloudTrail/Guard Duty ● 3+ years’ experience with AWS WAF ● 3+ years’ experience with CloudFlare ● 2+ years’ experience with DataDog ● Experience with PagerDuty ● Ability to make nuanced threat assessments ● Experience with the NIST family of Information Security-related publications including 800-37, 800-30, and 800-53 ● Significant experience with PCI, SOC2, SOX, HIPAA, or other compliance regimes Salary: Best as per Industry Standards
Amazon Web Services (AWS)Job Responsibilities:
Experience: 8 Yrs to 12 Yrs
- Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
- Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
- have done any submission on Bug crowd or Bug Bounty.
- have developed tools or scripts for web pen test on GitHub.
- Certified on OSCP
- Threat Modeling
- Network scan in stealth mode or simple scan using Nmap and Burp suite
Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.
Developing different ways to solve the existing threats and security issues.
Configuring and implementing intrusion detection systems and firewalls.
Security product development, testing, and implementation.
Responsible for security technology research, penetration testing, and vulnerability scanning.
Please follow the below inputs.
The shift will starts from 03:00 PM to 12 AM (fixed for few months),
OSCP certification(Not mandatory, preferable)
Below are the primary key skills:
Total Application Security Experience:
Total Security Architecture Experience:
IOT(optional)
MOBILE
WEB
AWS(Mandatory)
NETWORKING
THREAT MODELS
|
Desired Skills |
To have skills: · Proven technical expertise in cyber security domains, i.e. endpoint security, application security testing. · Knowledge and experience in public cloud solutions. · Knowledge on network security, networking concepts and architectural implementations. · Knowledge on vulnerability testing and define proper remediation’s. · Shell scripting experience - Shell/Bash/Python. · Working experience of Linux operation.
Desire to have skills: · One or more of the following cyber security certifications: CEH, CISSP, OSCP, SSCP CCSP. · Excellent problem solving, and follow-up skills. · Ability to convey technical security concepts to non-technical audiences. |
Information Security Specialist
Notice Period: 45 days / Immediate Joining
Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA.
We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.
It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges.
Key Qualifications
· Design, deploy, and support Information Security Solutions provided by BDS
· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms
· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.
· Research and strategic analysis of existing, and evolving all IT and data security technologies
· Establish baselines to define required security controls for all infrastructure components and application stack
· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.
· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts
· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up
· Must be able to work a flexible schedule during off-hours
Key Skills & Qualification
· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance
· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)
· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk
· Exposure of the security audit tools on public cloud platforms
· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture
· Certified Ethical Hacker would be a plus
· Handling of Security audits is a must
· Proven interpersonal skills while contributing to team effort by accomplishing related results
· Passion for learning new technologies and the ability to do so quickly.
http://www.banyandata.com" target="_blank">www.banyandata.com
Why ToneTag :
ToneTag is the largest sound-wave communication technology platform on the
planet that enables payments & proximity customer engagement services in
different sectors like retail, mobility, restaurant ordering, and so on. It harnesses
the power of sound to empower and enrich various businesses around the globe.
ToneTag has touched more than 55 Million consumers & 500,00 merchants in the
payments space alone. It is an organization where innovation, hard work & fun go
hand in hand to invent experiences that are unique in every sense. Our people are
entrepreneurial & believe in going beyond today's problems to find tomorrow's
solution.
If you are a seasoned professional looking for your next challenge, or just starting
your career and looking for a company that created career-building opportunities,
we offer ample scope as well as training to ensure that your skills & abilities reach
their true potential. At ToneTag, we invite you to share our vision and
commitment to achieving excellence in everything that we do!
Who We are :
● While most people ignore sound, ToneTag harnesses it. Using the power of
sound, we have built a highly secure and robust channel of data
communication, enabling extraordinary experiences across businesses.
● Our core value lies in innovation. We also focus on empathy, inclusivity,
collaboration and creativity.
● Through our model of Enable-Engage-Empower, ToneTag aims at delivering
a unique experience to all.
NO CEILING TO GROWTH :
● Highly rewarding to those who want to experience a trailblazing career
growth, with exposure to new challenges and opportunities.
● ToneTag follows the principle of taking ownership and delivering. If you
conceptualize an idea, which could make a difference to the organization,
you will be the owner of it.
● With innovation at the heart of its solution, ToneTag offers a chance to think
outside the box and instill creativity into one's thinking.
BE PART OF THE FAST EXPANDING CHANNEL :
● ToneTag has already reached 50 million consumers and is expected to cross
100 million.
● Global companies such as Mastercard and Infosys Finacle are presenting
ToneTag as a technology offering to their banking customers.
● ToneTag is working with government initiatives, such as NHAI & NPCI to
deliver a seamless experience on a larger scale.
TONETAG CULTURE IS OPEN AND EMPOWERING :
● Whether you are a manager or an intern, transparency is maintained, and
your voice is heard.
● ToneTag exudes a vibrant atmosphere, where everyone is approachable and
supportive.
● There exists a diversity of talent, skills and passion. Such an exposure will
not only help an individual grow, but also enables one to think from a
different perspective.
THE NEXT BIG THING :
● We are here to play a role in enabling our society and economy leap
towards cashless ecosystem, bringing millions of people into the financial
world like never before and at the same time enable innovative experiences
of tomorrow.
● ToneTag has a global clientele and is backed by some of the biggest names
in terms of management and investors.
● A technology delivering wide applicability, ToneTag has received numerous
awards and recognition for its innovative technology.
The challenge for you :
As a Content writer in the Marketing team, you will be delivering quality writing
pieces that appeal to our clients & stakeholders, attract customers and boost
brand awareness.
Roles & Responsibilities :
● Create and draft content for ToneTag’s content properties such as blogs,
websites, social media etc
● Contribute towards developing and executing the monthly content calendar
for Social Media
● Maintain and update website content regularly
● Draft scripts to develop product demo videos
● Follow and implement best practices for content optimization such as using
relevant keywords, etc
● Draft copy for user communication, engagement, and education
● Familiarity with keyword placement and other SEO best practices
● Create Presentations and Product documents
● Collaborating and working closely with PR and Digital agencies, sharing
ideas, reviewing the articles and posts.
● Writing clear marketing copy to promote our products/services
● Preparing well-structured drafts using Content Management Systems
● Coordinate with marketing and design teams
● Ensure all-around consistency (style, fonts, images and tone)
● Applications for awards & events
What you need :
● A bachelor's degree or higher in Journalism, Mass Media and
Communications.
● 3+ years- work experience as a Content Writer, Copywriter or Similar roles
● Should have excellent writing skills with unblemished grammar expertise.
● Should be keen in learning new technology
● Portfolio of published articles/Blogs
● Hands-on experience with Content Management Systems (e.g. WordPress)
● Ability to meet deadlines
● Well versed with creative web content, blogs, articles, and press releases
according to the requirements.
● Experience in SEO writing with online marketing and lead generation is
added advantage
Great to have :
● Experience doing research using multiple sources
● Familiarity with web publications
● A born-talent for understanding and analyzing human behavior
● Basic understanding of Keyword relevancy and keyword density and should
also be familiar with Keyword placement and other SEO best practices
● Someone whose presence reflects energy, dynamism and passion
● A strong believer in equality and teamwork
● An individual with strong ethics, principles and courage
The Role
● Building compelling long-term strategies on how to scale content.
● Build a deep understanding of the company’s products and unique
differentiators
● Work with product managers to understand and help refine the evolving
brand voice and tone
● Collaborate with cross-functional teams to bring impactful content to market
quickly and at scale
● Create articles, eBooks, whitepapers, infographics, video scripts, interactive
assets, build a content calendar for social media, in line with the content
strategy.
● Understand the buyers’ journey and use that knowledge to create the most
impactful top, middle, and bottom-of-the-funnel content assets for different
products
● Optimize social media content (language, message, tone) on the basis of the
behavior of our target audience
● Understand our SEO goals and strategy in order to produce optimized
content.
The Skills
● Prior experience in crafting content & product experiences from scratch, in
an instructional and long-form content setting.
● Must be able to write content that’s relevant, catchy, and easy to understand
● Should have excellent command over the English language and grammar
● Should be willing to and capable of creating technology-related content that
requires extensive research
● Should be able to understand, conceptualize, and convey marketing
messages in an acceptable international style.
● Must keep up-to-date with the best practices in writing for the web, social
media trends, web usability, and business/industry trends
● Prior experience in advertising agency is preferred.
• Evaluate the organization’s security needs and establish best practices and standards accordingly.
• Designing, implementing, maintaining, overseeing, and upgrading all security measures needed to protect organizations’ data, systems, and networks.
• Responding to all security breaches to the network and associated systems.
• Troubleshooting all network and security issues and incidents.
• Routinely conduct penetration testing.
• Taking appropriate security measures to ensure that the organization's infrastructure and existing data are kept safe.
• Conducting testing and scans to identify any vulnerabilities in the network and system.
• Taking an active role in the change management process.
• Assist in any security breach investigations.
• Handling routine daily administrative tasks such as reporting and keeping open lines of communication with the organization’s appropriate departments.
Follow CutshortSubodh Popalwar
Software Engineer, Memorres