senior penetration tester

To us, a Technical Interviewer is a go-to person for technical interviews for any technology. This means that your duties will involve conducting technical interview rounds of candidates having a technical background of any kind.

The job of a Technical Interviewer is important to business success. Hiring the right talent is our most critical point and a vital aspect of a complete Technical Interviewer’s job description and specification.

• Own full technical recruitment process including interviews, feedback, and building talent pipelines
• Identify the right talent for the organization
• Train and mentor new and existing interviewers
• Identify the gaps in the interview process and work on solutions
• Maintain a healthy candidate experience and build the employer brand
• To be up to date with new technologies
• Participate in various coding and technology-related challenges to gain knowledge 
• Nurture a positive working environment
• Have a strong sense of ownership for assigned tasks and a willingness to go the extra mile when needed
• Is an effective communicator who can establish rapport with people at all levels

• Bachelor's Degree in BSc/BE/BTech in Computer Science, Engineering, or a related field
• General programming skills in languages like Java, Javascript, Ruby or equivalent.
• Proven working experience in the same profession or as a trainer 
• People-oriented and results-driven
• The ability to work as part of a team
• Strong analytical and problem-solving skills
• Excellent administrative and organizational skills
• Effective communication skills
• Proven hands-on Software Development experience

At Upswing, we are committed to building a robust, scalable & secure API platform to power the world of Open Finance.

We are a passionate and self-driven team of thinkers who aspire to build the rails to connect the legacy financial sector with financial innovators through a simple and powerful banking-as-a-service (BaaS) platform.

We are looking for motivated engineers who will be working in a highly creative and cutting-edge technology environment to build a world-class financial services suite.

About the role

As part of the DevSecOps team at Upswing, you will get to work on building state-of-the-art infrastructure for the future. You will also be –

• Managing security aspects of the Cloud Infrastructure 
• Designing and Implementing Security measures, Incident Response guidelines 
• Conducting Security Awareness Training
• Developing SIEM tooling and pipelines end to end for vulnerability/security/incident reporting 
• Developing automation and performing routine VAPT for Network and Applications
• Integrating with 3rd party vendors for the services required to improve security posture 
• Mentoring people across the teams to enable best practices 

What will you do if you join us?

• Engage in a lot of cross-team collaboration to independently drive forward DevSecOps practices across the org 
• Take Ownership of existing, ongoing, and future DevSecOps initiatives 
• Plan and Engage in Architecture discussions to bring in different angles (especially security angles) to the table
• Build Automation stack and tools for security pipeline 
• Integrate different security measures and pipelines with the SIEM tool
• Conducting routine VAPT using manual and automated workflows, generating and maintaining the report for the same
• Introduce and Implement best practices across teams for a great security posture in the org

You should have

• Curiosity for on-the-job learning and experimenting with new technologies and ideas
• A strong background in Linux environment
• Proven experience in Architecting networks with security first implementation
• Experience with VAPT tooling for Networks and Applications is required 
• Strong experience in Cloud technologies, multi-cloud environments, and best practices in Cloud 
• Experience with at least one scripting language (Ruby/Python/Groovy)
• Experience in Terraform is highly desirable but not mandatory
• Some experience with Kubernetes, and Docker is required 
• Understanding Java web applications and monitoring them for security vulnerabilities would be a plus 
• Any other DevSecOps-related experience will be considered

Roles and Responsibilities

• Managing Availability, Performance, Capacity of infrastructure and applications.
• Building and implementing observability for applications health/performance/capacity.
• Optimizing On-call rotations and processes.
• Documenting “tribal” knowledge.
• Managing Infra-platforms like Mesos/Kubernetes,CICD,Observability (Prometheus/New Relic/ELK),Cloud Platforms (AWS/ Azure),Databases,Data Platforms Infrastructure
• Providing help in onboarding new services with production readiness review process.
• Providing reports on services SLO/Error Budgets/Alerts and Operational Overhead.
• Working with Dev and Product teams to define SLO/Error Budgets/Alerts.
• Working with Dev team to have in depth understanding of the application architecture

          and its bottlenecks.

• Identifying observability gaps in product services, infrastructure and working with stake

          owners to fix it.

• Managing Outages and doing detailed RCA with developers and identifying ways to

          avoid that situation.

• Managing/Automating upgrades of the infrastructure services.
• Automate toil work.
•  

Experience & Skills

• 6+ years of total experience
• Experience as an SRE/DevOps/Infrastructure Engineer on large scale microservices and infrastructure.

• A collaborative spirit with the ability to work across disciplines to influence, learn, and

         deliver.

• A deep understanding of computer science, software development, and networking principles.
• Demonstrated experience with languages, such as Python, Java, Golang etc.
• Extensive experience with Linux administration and good understanding the various

linux kernel subsystems (memory, storage, network etc).

• Extensive experience in DNS, TCP/IP, UDP, GRPC, Routing and Load Balancing.
• Expertise in GitOps, Infrastructure as a Code tools such as Terraform etc.. and
• Configuration Management Tools such as Chef, Puppet, Saltstack, Ansible.
• Expertise of Amazon Web Services (AWS) and/or other relevant Cloud Infrastructure

solutions like Microsoft Azure or Google Cloud.

• Experience in building CI/CD solutions with tools such as Jenkins, GitLab, Spinnaker,

Argo etc.

• Experience in managing and deploying containerized environments using Docker,

Mesos/Kubernetes is a plus.

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

• 5+ years of software development or site reliability engineering or equivalent experience
• Skilled at problem solving, algorithms, and data structures
• Building tools and scripting frameworks from scratch
• Working with Cloud Automation tools like CloudFormation, Terraform, CDK, aws-cli
• Scripting languages like Python, Groovy, PowerShell, Bash, Perl etc.
• Configuration automation using Ansible or equivalent tools
• Exposure to Windows, Linux administration skills
• Project management tools like Jira, Trello
• Prior experience in dealing with Datastore technologies like Postgres, MySQL, SQL, DynamoDB is desirable
• Familiarity with basic networking, security and cloud engineering concepts
• Team player who is eager to help others to succeed through mentoring and leading by example
• Highly collaborative with effective written and verbal communication skills