About Landscape
ThreatLandscape is building the next-gen threat intelligence, attack surface minimalization, and remediation platform for cyber security teams at enterprises and governments.
With a mission to create a global brand, ThreatLandscape’s currently looking for passionate, like-minded folks in the areas of Data Engineering, Scientific Computing, and Machine Learning to join us as we move to change our industry’s landscape and become the go-to name for all intelligent cyber security solutions.
Similar jobs
- Provide cybersecurity consulting services to various clients of Crossbow Labs.
• Conduct interviews with clients, review client documents for compliance, write compliance reports, and prepare and deliver briefings.
• Travel to client locations to assess and validate physical and technical controls necessary to maintain compliance.
• Review network architecture, hardening of multiple operating systems, malware protection, IDS/IPS, IT controls, network and system monitoring, and protection methods.
• Work closely with clients to assess their IT security posture, identify weaknesses and vulnerabilities in relation to the PCI-DSS security framework, ISO, and other compliance standards.
• Develop compliance procedures and documentation for the PCI program.
• Conduct training sessions for clients and internal teams on PCI DSS and other cybersecurity standards and regulations.
Skills and Competencies:
• Strong technical understanding of networks, servers, workstations, and applications.
• Proficiency in the PCI DSS v3.2.1 and PCI DSS v4.0 security standard.
• Good comprehension of the ISO 27001 standard.
• Ability to conduct Risk Management, Business Continuity Planning (BCP), and Disaster Recovery (DR) reviews.
• Capability to perform network architecture reviews.
• Capability to perform system configuration reviews for operating systems (Windows & Linux), servers, databases, routers/switches, and firewalls.
• Ability to conduct firewall/network rules reviews.
• Ability to conduct application architecture reviews, review application security controls, and perform application code reviews.
• Familiarity with cloud-based hosting solutions such as Microsoft Azure and AWS.
• Strong team collaboration skills and client relationship management.
• Excellent oral and written communication skills.
• Ability to work both independently and in collaborative environments to meet delivery obligations.
• Commitment to continuous learning and staying updated with current news and trends in the cybersecurity space.
Education Qualification
BCA / B.Tech / B.Sc – Computers Science / B.Sc - Information Security / M.Sc – Information Security.
Certifications (Preferred)
PCI QSA / ISO 27001 / CISSP / CISM / CISA
Location: Abu Dhabi, United Arab Emirates (UAE)
Nationality: Any
Desired Experience: 10+ years
Job Description :
To guide and advise customers on building SOC-related services from scratch or assist in improving existing services. To assess the maturity and capability of services in scope and propose improvements. Closely working with other SOC teams, and assisting them in achieving their goals. To work closely with the rest of the Advisory team and exchange knowledge and experience.
What You’ll Do
- Deliver high-level strategy and executive advisory services.
- Lead client engagements in security advisory at the highest strategic level.
- Establish and align business principles and objectives to the long-term security operational vision by applying tactical guidance for various information security operating models.
- Perform SOC maturity assessments and build precise roadmaps based on the goals and objectives of the organization.
- Provide clients with guidance during the Initial Operating Capability (IOC) through full operational capability (FOC) covering key aspects of SOC domains such as business, process, governance, technology, people, and services.
- Create and build on the concept of operations (ConOps) in the pre-work stages that strategically prepare the client for the successful implementation of security technology and operations.
- Assist clients with recommendations in different advisory stages, such as creating security operations strategy (SOC Charter), developing training programs, assisting with use case framework implementation, developing standard operating procedures, and applying service/integrated frameworks.
- Possess the ability to identify the client's problems and use common consulting management skills such as facilitation, gap analysis, interviewing, and engaging in multiple workshops with key stakeholders.
- Collaborate with clients to define services and build technology strategies as part of the build, plan, and design phases of security operations.
- Perform as a subject matter expert (SME) in strategy conversations with C-level panels to provide exceptional IT/OT/Cloud/Physical security, compliance, regulations, and industry best practices that promote the overall mission and vision of the organization.
- Maintain a good understanding of security trends and methods for pinpointing cyber and physical security solutions that fit the client's business, financial, and technological objectives.
- Identify, build, and create cyber solutions to address security issues, perform security operations content reviews, draw conclusions, and develop strategic guidance.
- Assess and develop the current security operation effectiveness by reviewing operating procedures, workflows, policies, frameworks, and operational reporting.
- Consistently contribute towards industry-specific offerings/professional security forums/internal departmental blogs/publications/develop thought leadership.
- Contribute to the proposal process for SOC Advisory services while collaborating with other internal group members to solidify the sales pitch approach.
What you bring to the table
- 10+ years of extensive IT Security / IT Consultancy/client-facing roles related to SOC/Security operations projects (Cybersecurity Managers, IT Security Engineers, Security Analysts, Senior/Principal Security Analysts)
- Experience in SOC strategy, roadmap and documentation development, adapted to client organization (Services catalog, Security Incident Response management plan, playbooks)
- Possess the ability to support the vision and mission of any organization's security program.
- Retained proficiency in delivering high-quality and high-level strategic and advisory services.
- Possesses certifications related to enterprise information security frameworks and/or compliance, regulation-type frameworks.
- Experience in understanding complex activities and relationships quickly, assessing business and delivery risks, and communicating them effectively.
Benefits
- Schooling
- Flight & visa allowance for self and family
- Mobile Allowance
- Insurance for self & Family
- Life Insurance for self
We are seeking a highly skilled and experienced Subject Matter Expert (SME) to join our team and provide valuable insights and analysis on our cybersecurity training content and competitors. Our business vertical focuses on delivering automated cybersecurity training through a software platform to over 1 million employees of our 150+ global customers. We cater to various industries and diverse backgrounds, with different levels of technical expertise. Thus, we create a diversified variety of content to cater to the training requirements of different user groups and personas. The SME's role will be pivotal in ensuring efficient and effective cybersecurity awareness training by creating high-quality content.
Responsibilities:
● Review and evaluate cybersecurity awareness content to ensure accuracy, relevance, and effectiveness.
● Write industry-specific technical content to cater to the diversified audience.
● Provide feedback and recommendations to improve content quality and alignment with industry standards.
● Conduct competitive analysis to identify industry trends, best practices, and potential gaps in our offerings.
● Analyze global competitor strategies and offerings to identify strengths, weaknesses, and opportunities that benefit our customers.
● Stay up-to-date with the latest cybersecurity trends and industry developments to ensure our offerings remain competitive.
● Collaborate with cross-functional teams to ensure content is aligned with marketing and sales strategies.
● Identify and refine complex security problems in a simplified and layman way.
Qualifications:
● Bachelor's degree or certifications in cybersecurity, computer science, or a related field.
● Minimum of 3-5 years of experience in cybersecurity content writing and competitive analysis.
● Strong knowledge of cybersecurity concepts and best practices.
● Experience with analyzing competitor strategies and offerings.
● Excellent communication and collaboration skills.
● Strong analytical and critical thinking skills.
● Self-motivated and able to work independently.
● Ability to adapt to changing priorities and deadlines.
If you are a cybersecurity professional with a passion for creating high-quality content and analyzing the cybersecurity industry's latest trends and developments, we encourage you to apply. Join our team and help us deliver top-notch cybersecurity awareness training to our global customers.
Credit cards haven't changed much for over half a century so our team of seasoned
bankers, technologists, and designers set out to redefine the credit card for you - the
consumer. The result is OneCard - a credit card reimagined for the mobile
generation. OneCard is India's best metal credit card built with full-stack tech. It is
backed by the principles of simplicity, transparency, and giving back control to the
user.
The Engineering Challenge
“Re-imaging credit and payments from First Principles”
Payments is an interesting engineering challenge in itself with requirements of low
latency, transactional guarantees, security, and high scalability. When we add credit
and engagement into the mix, the challenge becomes even more interesting with
underwriting and recommendation algorithms working on large data sets. We have
eliminated the current call center, sales agent, and SMS-based processes with a
mobile app that puts the customers in complete control. To stay agile, the entire
stack is built on the cloud with modern technologies.
Check out our apps here:
OneCard (Best credit card app) : www.getonecard.app
OneScore (5 million downloads): http://www.onescore.app" target="_blank">www.onescore.app
Security Compliance Lead
Opportunity:
Opportunity to build GRC practice grounds up for new Age Fintech startup, lead and
implement PCI-DSS, ISO-27001, RBI compliances
What you will do:
● Be SME for all applicable regulations, guidelines and industry best practices
to manage risk and ensure compliance.
● Be the single point of contact for all external entities related to Security and
Compliance communications.
● Owner for all security documentation such as policies, standards, and
procedures.
● Owner for driving security controls across all organisation functions.
● Build continuous assessment practice which is superset of all required
regulatory compliance.
● Manages and supports Information Security Risk Management Life-cycle for
the organization.
● Provide adequate security and compliance against specific standards such as
NIST 800-53, NIST 800-171, ISO 27001, SOX, PCI, HIPAA and other
regulatory requirements.
● Identifies and formally documents deviations from published standards,
estimates risk level, recommends appropriate mitigation countermeasures in
operational and non-operational situations.
● Identify potential areas of IT compliance vulnerability and risk; guide the
accountable stakeholders to develop/implement corrective action plans for
resolution, and provide general guidance on how to avoid or deal with similar
situations in the future. Risks should be identified, assessed and monitored on
an ongoing firm-wide and individual entity basis
Experience Range:
4-8 years of experience in Cybersecurity & Risk Compliance Domain in areas
including and limited to: System Security, Network Security , SOC, Risk &
Compliance Management
Technical Expertise:
● Auditing experience in ISO-27001, SOX, NIST, PCI-DSS
● Experience with AWS Security and Compliance.
● Prior experience in the Banking and Financial domain is nice to have.
● Proven experience in Endpoint Security, Network Security, SIEM,SOC
Advanced security tools – SOAR platform, Vulnerability Management, SIEM
● Experience building Threat Modeling practice
● Strong communication skills
• Product & Technical Presentation – Customers / Partners
• Pre-Sales Support (DEMO and POC).
• RFP’s evaluation, Solutioning & Response.
• Handling Technical Queries and Troubleshooting for existing and new Customers.
• Keep up-to-date on competitive solutions, products, and services.
• OEM – Technical relation.
• Building Business with Team
- Python with Powershell (who worked in Security related product Development(First Pref)/Networking.
Key Responsibilities
- Collaborate in the design, implementation, and deployment of successful software applications in support of our Threat management platforms.
- Developing backend components to enhance performance and receptiveness, server-side logic, and highly responsive web applications.
- Performance tuning and automation of application.
- Enhancing the functionalities of current software systems.
- Understand system interdependencies and limitations.
- Functionally decompose complex problems into simple, straightforward solutions.
- Rightly estimate the task and take ownership of building production-ready software solutions.
- Collaborate with other teams to implement features based on business rules and visual design.
Minimum qualification & experience
- Engineering graduate.
- 4 years of demonstrated professional experience in delivering and operating large-scale applications.
- Strong software development skills in python including python frameworks like Django, Flask, etc.
- Experience with software development, Web frameworks and database technologies, e.g., REST APIs, and automated scripts.
- Experience with current development technologies, methodologies and workflows including CI/CD, Docker, Git, and Jenkins preferred.
- Experience with microservice development and dockerized application development is a PLUS.
- Strong knowledge of data structures, algorithms, operating systems, and distributed systems fundamentals.
- Working familiarity with networking protocols (TCP/IP, HTTP) and standard network architectures.
- Working familiarity with basic Linux administration.
- https://ind01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcybersecurityguide.org%2Fcareers%2F&data=05%7C01%7Cmadhvi.1%40neweraindia.com%7C71e5f8231a514be638bf08da656eee89%7Cc04e2addbf474beabf38e722114ec31f%7C0%7C0%7C637933824369629597%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5ezbPi2xWTVZVsmDSzinf6eC37Mr6zWQpfivsSWa1A0%3D&reserved=0" target="_blank">Experience in the cybersecurity field especially with threat intelligence or security orchestration is a plus.
- Work on inhouse projects on our award-winning Data Security Platform in Enterprise Environments
- Ensuring that the customer expectations are met within the committed timeframes.
- Only Freshers and Immediate Joiners
Qualifications & Responsibilities
Year of Experience : 3- 8 yrs
Location : Bangalore, Delhi, Mumbai, Pune
Work on ISO 27001 & NIST based Information Security Management System implementation and sustenance.
- Responsible for SOX (IT Security Controls) and track the monthly/quarterly/annual control reports and drive effectiveness of SOX controls.
- Work on Business Continuity Planning, IT Disaster Recovery as per ISO27001 & NIST requirements
- Assess information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk
- Conduct Information Systems audits covering IT infrastructure assets
- Working knowledge in security domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection
- Experience in leveraging industry standards and frameworks such as ISO/IEC 27001, NIST CSF/800-171, etc.
- Possesses certifications such as ISO27001 LA. CISSP, CISA certification- preferred
Why NCG?
WHO WE ARE DRIVES WHAT WE DO!
We Don't build the organization; we create an everlasting family. Our people express a sense of winning together when times are good and sticking together when times are tough.
Are you a Doer or Achiever?
Well, at NCG, our doors are Open for Doers and Achievers alike. We are a Cult where we create, innovate, learn and Contribute in a comfortable, transparent, and fair environment.
Joining NCG means contributing to a shared ambition for reliable work culture, tackling extraordinary technological challenges in multicultural teams, preserving your work/life balance, and more!
1. Monitor the quality of results of the automated system in the detection of attacks,
intrusions, and unusual, unauthorized or illegal activities.
2. Build and maintain scripts that collect cyber threats data from external sources as well as
from the in-house analytics engine, data quality inspection, and dataset creation for ML
with manual annotation.
3. Assist Data Scientists & Machine Learning Engineers in developing systems that
automate risk assessment/mitigation workflows.
4. Keep up to date with the latest security and technology developments.
5. Research and evaluate emerging cybersecurity threats and ways to manage them.
Required skills
1. Attention to details and a quality first mindset.
2. Knowledge of current hacking techniques, vulnerabilities, and security analysis
techniques.
3. Basic programming experience, and the ability to automate tasks.
4. Manual code review or source code analysis experience.
Note: We are a startup, you will have much more responsibilities.
Benefits
1. A competitive salary.
2. Health Insurance.
3. An awesome team that will challenge and respect you.
4. Lunch, Unlimited snacks and drinks.
5. Top notch office in the heart of Bangalore City.