Sr. Security Engineer with Kubernetes

With a core belief that advertising technology can measurably improve the lives of patients, DeepIntent is leading the healthcare advertising industry into the future. Built purposefully for the healthcare industry, the DeepIntent Healthcare Advertising Platform is proven to drive higher audience quality and script performance with patented technology and the industry’s most comprehensive health data. DeepIntent is trusted by 600+ pharmaceutical brands and all the leading healthcare agencies to reach the most relevant healthcare provider and patient audiences across all channels and devices. For more information, visit DeepIntent.com or find us on LinkedIn.

We are seeking a skilled and experienced Site Reliability Engineer (SRE) to join our dynamic team. The ideal candidate will have a minimum of 3 years of hands-on experience in managing and maintaining production systems, with a focus on reliability, scalability, and performance. As an SRE at Deepintent, you will play a crucial role in ensuring the stability and efficiency of our infrastructure, as well as contributing to the development of automation and monitoring tools.

Responsibilities:

• Deploy, configure, and maintain Kubernetes clusters for our microservices architecture.
• Utilize Git and Helm for version control and deployment management.
• Implement and manage monitoring solutions using Prometheus and Grafana.
• Work on continuous integration and continuous deployment (CI/CD) pipelines.
• Containerize applications using Docker and manage orchestration.
• Manage and optimize AWS services, including but not limited to EC2, S3, RDS, and AWS CDN.
• Maintain and optimize MySQL databases, Airflow, and Redis instances.
• Write automation scripts in Bash or Python for system administration tasks.
• Perform Linux administration tasks and troubleshoot system issues.
• Utilize Ansible and Terraform for configuration management and infrastructure as code.
• Demonstrate knowledge of networking and load-balancing principles.
• Collaborate with development teams to ensure applications meet reliability and performance standards.

Additional Skills (Good to Know):

• Familiarity with ClickHouse and Druid for data storage and analytics.
• Experience with Jenkins for continuous integration.
• Basic understanding of Google Cloud Platform (GCP) and data center operations.

Qualifications:

• Minimum 3 years of experience in a Site Reliability Engineer role or similar.
• Proven experience with Kubernetes, Git, Helm, Prometheus, Grafana, CI/CD, Docker, and microservices architecture.
• Strong knowledge of AWS services, MySQL, Airflow, Redis, AWS CDN.
• Proficient in scripting languages such as Bash or Python.
• Hands-on experience with Linux administration.
• Familiarity with Ansible and Terraform for infrastructure management.
• Understanding of networking principles and load balancing.

Education:

Bachelor's degree in Computer Science, Information Technology, or a related field.

DeepIntent is committed to bringing together individuals from different backgrounds and perspectives. We strive to create an inclusive environment where everyone can thrive, feel a sense of belonging, and do great work together.

DeepIntent is an Equal Opportunity Employer, providing equal employment and advancement opportunities to all individuals. We recruit, hire and promote into all job levels the most qualified applicants without regard to race, color, creed, national origin, religion, sex (including pregnancy, childbirth and related medical conditions), parental status, age, disability, genetic information, citizenship status, veteran status, gender identity or expression, transgender status, sexual orientation, marital, family or partnership status, political affiliation or activities, military service, immigration status, or any other status protected under applicable federal, state and local laws. If you have a disability or special need that requires accommodation, please let us know in advance.

DeepIntent’s commitment to providing equal employment opportunities extends to all aspects of employment, including job assignment, compensation, discipline and access to benefits and training.

We are seeking a highly skilled and experienced Subject Matter Expert (SME) to join our team and provide valuable insights and analysis on our cybersecurity training content and competitors. Our business vertical focuses on delivering automated cybersecurity training through a software platform to over 1 million employees of our 150+ global customers. We cater to various industries and diverse backgrounds, with different levels of technical expertise. Thus, we create a diversified variety of content to cater to the training requirements of different user groups and personas. The SME's role will be pivotal in ensuring efficient and effective cybersecurity awareness training by creating high-quality content. 

Responsibilities: 

● Review and evaluate cybersecurity awareness content to ensure accuracy, relevance, and effectiveness. 

● Write industry-specific technical content to cater to the diversified audience.

● Provide feedback and recommendations to improve content quality and alignment with industry standards. 

● Conduct competitive analysis to identify industry trends, best practices, and potential gaps in our offerings. 

● Analyze global competitor strategies and offerings to identify strengths, weaknesses, and opportunities that benefit our customers. 

● Stay up-to-date with the latest cybersecurity trends and industry developments to ensure our offerings remain competitive. 

● Collaborate with cross-functional teams to ensure content is aligned with marketing and sales strategies. 

● Identify and refine complex security problems in a simplified and layman way. 

Qualifications: 

● Bachelor's degree or certifications in cybersecurity, computer science, or a related field.

● Minimum of 3-5 years of experience in cybersecurity content writing and competitive analysis.

● Strong knowledge of cybersecurity concepts and best practices. 

● Experience with analyzing competitor strategies and offerings. 

● Excellent communication and collaboration skills. 

● Strong analytical and critical thinking skills. 

● Self-motivated and able to work independently. 

● Ability to adapt to changing priorities and deadlines. 

If you are a cybersecurity professional with a passion for creating high-quality content and analyzing the cybersecurity industry's latest trends and developments, we encourage you to apply. Join our team and help us deliver top-notch cybersecurity awareness training to our global customers.

Company Description

Smarsh is the leader in communications compliance, archiving, and analytics. We provide compliance across the broadest set of communications channels with insights on what’s being captured. Smarsh customers manage over 500 million daily conversations across 80 channels and growing. Customers include the top 10 U.S., top 8 European, top 5 Canadian, and top 3 Asian banks. The Smarsh advantage is customers stay ahead of compliance and uncover patterns and relationships hidden within their data.

At Smarsh , we’ve been helping our customers manage new forms of communication since 1998. We work closely with regulators including the SEC, FINRA, IIROC, and the PRA and FCA, and with our customers, to ensure that they understand the capabilities of today’s technology and that our platform meets their most stringent requirements. Our products include Connected Capture, Connected Archive, Web Archive & Business Solutions.

About the team

Are you an SRE with excellent Observability, Containerization and Orchestration skills? As a Site Reliability Engineer (SRE) in the Smarsh SaaS Operations team, you'll be part of a team who measures and improves production performance reliability through sustainable engineering practices for our suite of applications. Toil will be your number one enemy, observability your closest friend and your mission will be to drive operational burden as close to zero as you can.

Responsibilities

• Responsible for technical direction at the platform solutions level. Is able to weigh the pros and cons of various solutions and credibly argue for the best path
• Work closely with Product Management and the rest of the engineering team to define features and their implementations with careful attention to quality, scalability, and maintainability
• Can break down complex technical solutions into abstractions that the rest of the team and understand
• Can investigate and solve complex bugs, performance, and scalability issues
• Collaborates with multiple agile teams to ensure their solutions integrate effectively
• Track work in ticketing system (JIRA)
• Participate in Pull Request reviews. Provide and receive feedback to continuously improve.
• Other duties as assigned.

Desired skills & experience

• A minimum 10+ years industry experience
• Masters in CS or equivalent
• Must have experience in Azure or AWS, either running some large-scale app there or migrating to Azure/AWS. 
• Experience operating Cloud Foundry in production environments 
• Experience managing CI/CD systems (Concourse, Jenkins, TravisCI etc.) 
• Experience deploying and/or operating ELK stack 
• Experience with container technologies and orchestration platforms (Docker, Kubernetes, Cloud Foundry) 
• Experience working with monitoring and observability tools (We use Datadog and New Relic) 
• Familiarity with working with PostgreSQL and MongoDB 
• Background working in a multi-platform environment (Linux, Windows) 
• Experience with running on a cloud platform, AWS preferred (S3, RDS, SQS) 
• Familiarity with Agile/Scrum/Kanban methodologies 
• Familiarity with programming/scripting languages (ie. Python, Bash, PowerShell, Go, etc.) 

Additional Skills

• Expert programming skills in relevant languages
• Exceptional analytical and problem-solving skills
• Strong communication and collaboration skills
• Deep understanding of modern software architecture
• Deep domain knowledge of the industry, platform, and existing processes
• Fault-tolerant design & maintenance
• Knowledge and understanding of modern software programming/engineering.
• Product delivery lifecycle - requirement refinement through ops

Why Smarsh?

Ready to join a thriving tech company that’s redefining digital archiving and business intelligence?

Smarsh is the leading comprehensive archiving platform. Recognized as one of today’s fastest growing companies in the U.S., Smarsh delivers innovative cloud-based solutions that help organizations manage and enforce flexible and secure records retention and compliance strategies for electronic communications, including social media and enterprise social networks (Yammer, Chatter, Facebook, LinkedIn and more).

Our motto is ‘People First. Inspire Confidence. Embrace the Impossible.’ We hire lifelong learners who have a passion for their discipline and a track record of excellence. To learn more about us, visit www.smarsh.com/careers

Job description – Information Security (Network)

Roles and Responsibilities

Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

Work profile of individual

• As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
• Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
• Will be an active participant in internal / third party system security reviews and audits on customer engagements
• Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
• Will be responsible for implementation of new projects under Information Security Domain
• Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
• Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
• Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
• Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
• Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

Team work

• Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
• Individual would predominately work with off-shore engagement teams and relevant  teams on presale and cyber security delivery.
• Communication, written and verbal, with these teams would be expected.
• Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
• Team members would be required to handle multiple tasks at the same time.
• Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

• Bachelors
• Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
• Experience : 3-5 years
  
  

Knowledge Required:

• Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
• Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
• Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
• Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
• Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
• Good knowledge on Privacy, Governance and reporting
• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
• Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

Additional Responsibilities:

• Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).

Provides technical expertise and guidance in the identification, preservation, collection and analysis of digital evidence in various digital formats from computers, servers, mobile devices, and other electronic or online storage media.

Presents recommendations and findings to internal and external customers including Legal, Compliance, HR, Outside Counsel, and Law Enforcement.

Develops and maintains processes, procedures, and methodologies for collecting and analyzing digital evidence.

Maintains strong working relationships with other corporate investigation team members, subject matter experts, 3rd party vendors, and outside law firms.

Roles and Responsibilities

• Extensive experience of 2-5 years in Vulnerability Assessment and Penetration testing, Web Application security.
• An Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, CSRF, authentication/authorization, OWASP top 10 issues.
• Must have working experience in OWASP Top 10 Vulnerabilities Testing in Web applications.
• Create policy and standards for developers and testers to secure programming in the organization. (secure code review, static application security testing.
• Experience on both commercial and open source tools Cenzic Hailstorm, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP. Assessing cloud security risk (AWS and Azure) and recommending appropriate security controls.
• Ability to interact with project teams to understand the security requirements and come up with solutions
• Extensive knowledge of managing Web Application Firewall (Product) including rules management and product administration
• Strong understanding of networking concept.

Desired Candidate Profile

• Excellent knowledge of Microsoft Windows operating environments and with special attention to security and hardening issues.
• Able to work independently with minimal supervision.
• Good knowledge of secure software development standard, process, techniques, cloud security policies and tools.
• Keep stakeholders updated with communications and weekly reporting.
• Collaborate with Security Platform and Services teams to build and integrate existing security solutions.
• Excellent communication skills - written, verbal, presentation and interpersonal.
• Willing to learn new skills and implement new technologies.
• Should come with bachelor’s degree in engineering, mathematics or master’s in computer application / programing.