20+ Security Information and Event Management (SIEM) Jobs in India
Apply to 20+ Security Information and Event Management (SIEM) Jobs on CutShort.io. Find your next job, effortlessly. Browse Security Information and Event Management (SIEM) Jobs and apply today!
Summary:
● We are seeking a highly motivated and experienced Cyber security
● Expert to join our team. You will be responsible
for safeguarding our IT infrastructure, data, and applications from cyber threats.
● You will have a deep understanding of server, endpoint, mail, and infrastructure security and possess strong incident response skills.
● Additionally, you will be well-versed in relevant regulations and how to navigate them during data breaches.
Responsibilities:
● Implement and maintain comprehensive security controls for servers, endpoints, mail, and infrastructure.
● Conduct regular vulnerability assessments and penetration testing.
● Monitor security logs and SIEM systems for suspicious activity.
● Investigate and respond to security incidents, including data breaches.
● Develop and implement incident response plans and procedures.
● Stay up-to-date on the latest cyber threats and vulnerabilities.
● Provide security awareness training to employees.
● Advise on and implement security best practices throughout the organization.
● Understand and comply with relevant data privacy and security regulations (e.g., HIPAA, GDPR, PCI DSS).
● Work collaboratively with IT, business units, and legal teams.
at Metron Security Private Limited
Be the face of Metron Security for multiple customers:
- Gain a deep understanding of the customer's platform and the platform they want to integrate with.
- Understand customer requirements around the integration.
- Design the best approach with easy-to-use UX for the integration after discussing with the Solution Architect/Director of Engineering.
- Communicate the timelines and deliverables with customers in regular calls (Typically we do weekly calls).
- Jump on technical support calls and try to solve the issues on-call (with help of Team leads/developers/QA).
- The ultimate goal for you is to build deep expertise around security platforms to deliver high-quality custom automation solutions. This will happen over the first 3 months, but in the end, you should be able to converse with any Product Manager on the client side like a peer. This means understanding their problem and suggesting solutions based on your experience and study.
2. Play as a bridge between the Customer and Development team:
- Make sure the team is not blocked if they have any queries for the customer. For situations where the customer is unsure, you need to take the most logical decision and move ahead.
- Ensure to train the team to handle the customer calls.
- Teach, mentor, grow and provide advice to junior developers and recruits in the team.
- Solves technical problems of the highest scope or complexity for clients.
- Make sure the team works on the items, which are important for the customer.
3. Ensuring our company culture remains on target:
- Customer Delight - All of our customers are delighted with our work. Just being “satisfied” is not enough. All of our customers come back to us for repeated work - this is possible only through excellent on-time and quality delivery. We take pride in being respected as peers in the industry (unlike many other firms where the Indian development center is subservient to clients).
- On-time delivery with excellent quality. Every single time.
- Platform agnostic-We take pride in building on whatever language (Python, C#, Java, JavaScript) and platform that the customer wants.
- Reward-based- Anyone showing initiative and delivery will be rewarded with rapid promotions. We do not have a culture of “You get this designation if you have X years of experience”.
- Sane working hours - No work on weekends, only sporadic evening calls.
4. Being hands-on. You should be able to solve deep technical problems for the team when the team leads cannot.
5. Be updated with the pulse of the customer and raise it with management:
- Deliveries are going to miss with significant delays.
- Customer changed the requirements significantly.
6. Lead to build and maintain a documented knowledge base about the different Cyber Security Platforms (with help of the development team members).
Metron Security has built integrations/connectors/parsers for over 100+ security platforms and we are on track to cover over 200+ platforms by the end of this year . To succeed in this role, we believe you need the following:
- A positive go-getter attitude to take on any new platform and get into the weeds
- Being programming language agnostic
- A hacker, and a problem solver
- Good Time and Task Management
- Quick Learning Ability
- A Good Team Player
As an Enterprise Security Architect you will join a growing organization to lead a modern enterprise security program. In this role the Architect will have responsibility for identifying, defining, developing, leading security technology strategy across a broad portfolio of IAM, Cloud, End Point, Network, Web security and related technology systems, and the assessment of new and emerging identity technologies at the very large enterprise scale.
As a senior member of the team you will engage and partner with senior leaders across the organization leveraging your extensive background in (managing / delivering / implementing / architecting) security technology combined with expertise in organizational and cross-functional communication to develop strategy, influence roadmaps, solution adoption, champion strategic opportunities / execution plans with the aim to improve security capabilities, reduce risk and position forward looking identity governance and security enhancements
• Responsible for defining an architectural vision and architecture for large complex solutions, which aligns with the enterprise architecture strategy, technology and platform choices
• Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities
• Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions
• Contributes to best practices, standard templates, and the architecture roadmap for defined domains.
• Creates endpoint/host, workplace productivity security reference architecture and design patterns for reusability.
• Contributes in the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap
• Contributes to the development of best practices including standardized templates
• Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog
• Works with Product Manager/Owner to plan and prioritize technology focused backlog items for the architecture runway to enable business epics/features and expand into new opportunities
• Clarifies the architecture for the development teams to support implementation, and provides solution options to resolve any architectural impediments
• Performs design and code reviews to ensure all non-functional requirements for a solution are sufficiently met (e.g. security, performance, maintainability, scalability, usability, and reliability)
• The platform security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.
• Develop blueprints and procedures to effectively secure company data against accidental or unauthorized modification, destruction or disclosure.
• Create and define the security architectures and roadmaps encompassing cloud architecture, access management, and monitoring.
• Design and develop data security architectures for cloud and cloud/hybrid-based systems.
• Align architectural design technical controls and solutions to industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)
What are we looking for?
We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.
Requirements:
• 10+ years of hands-on experience with scoping, sizing, designing, architecting & building IAM solutions across various technologies, or demonstrated ability to meet job requirements through comparable work experience.
• Expert level knowledge of authentication/authorization standards, protocols, and frameworks such as FIDO, OpenID, SAML, OAuth, JWT, CA, X.509, MTLS, etc.
• Technical expertise and experience with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and IDM integration across domains
• Solid understanding of Cloud concepts and hands on knowledge on Azure/AD or other cloud identity environments.
• Experience designing and implementing security services and tools applied to GCP, Azure and AWS
• Expertise with Data Loss Prevention and CASB strategies and solutions supporting security of critical SaaS solutions such as Office 365, etc.
• Experience with Hybrid cloud architectures and designs
• Must have experience with Internet Application Hosting architectures, best practices and related technologies to effectively protect externally facing applications
• Experience with DevSecOps process, Container technologies (Docker, Kubernetes), API Gateways, and other common web application technologies is preferred
• Strong knowledge of enterprise security concepts/frameworks and products, secure design principles and best practices
• Strong verbal and writing skills to develop technical documentation and presentations
• Experience in leading technical architecture and security design discussions
• Experience managing multiple multi-level stakeholder relationships
• Bachelors in Computer Science, Computer Engineering or related field
“Such other task that Company may assign you time to time”.
Position Title: Manager – Security Operations Organization /Function: Manager is responsible for day to day operational and project delivery for a set of customers Relevant Experience: 10+ years of experience in security area and at least 2 years as Security manager Educational Qualification: BE/B.Tech/ME/M.Tech/Graduate/Master in any stream with excellent academic record
Must-have Skills: • Must know common security policy frameworks and possess knowledge of how security programs are run at mid to large scale companies • Must have managed a team to deliver “Managed Security Service” or “Security Operations Center” • Prior working Background in either SIEM tools (Splunk, ArcSight, QRadar, DNIF etc.) or Vulnerability assessment and Management tool (Qualys/Rapid7) and process • Has broader context and understanding of managed security services • Must have service mindset and empathy. Must deal with a level of ambiguity, chaos and apparent stubbornness from customers, and manage around it by thinking through the issue or request from the customer’s perspective to drive to a reasonable conclusion • Must have prior experience on Project Management • Must have prior experience of onsite-offshore delivery model and should have directly worked with US/European customers or colleagues • Must have ITIL process knowledge
1.Triage of security alerts that includes but not limited to malware, denial of service, unauthorized access, etc.
2. Conduct incident investigations on SIEM tools.
3. Perform threat hunting on networks to detect and isolate threats.
4. Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems)
5. Continuous optimization, tuning and monitoring of SIEM solution
6. Hands on experience around administrating and threat hunting on EDR, XDR, DLP and SIEM tools.
7. Ability to analyze endpoint, network, and application logs
8. Identify false positives, analyse reported spam, phishing, and suspicious emails and understanding of email security concepts: SPF, DMARC, DKIM
9. Immediate Joiners
at Fullness Web Solutions
We are looking for a capable System Administrator to take over all aspects of the configuration and maintenance of computer systems. A System Admin should be able to diagnose and resolve problems quickly and should have the patience to communicate with a variety of interdisciplinary teams and users.
Monitoring and reporting all points mentioned below.
Ensure Security updates are installed:
- Regularly checking whether the Antivirus software is updated for users.
- Regularly monitor platforms like Google to ensure everybody is using up-to-date applications with no security issues.
- Regularly Email users about the security updates that they need to install on their laptops and PCs.
Antivirus
Centrally managed antivirus should be installed on all laptops and mobile devices.
- Adding a purchase request for any additional licence that we might require.
- Pushing new software updates on users’ laptops.
- Keeping up-to-date with antivirus updates so all our devices are secure.
- Miradore user agent
Mobile device and access management
- Set rules and configure settings on personal and organisation-owned devices to access data and networks.
- Deploy and authenticate apps on devices -- on-premises and mobile.
- Protect company data by controlling the way users access and share information.
- Make sure devices and apps are compliant with security requirements.
- Only provide user access to laptops (No admin access, excluding developers)
- All new software installation requests will go through the system admin to make sure nothing is installed on work laptops that poses a security risk.
Vanta compliance-related tickets
- Vanta will continue to monitor and create issues to be compliant with ISO 27K over time. The system administrator must resolve all such system-related tickets.
Access management to different user applications
- Access should be restricted to only what is necessary to perform job duties ("principle of least privilege").
- Technical access to all the company’s networks must be formally documented, including the standard role for approver, grantor, and date.
- Only authorised employees and third parties working off a signed contract or statement of work, with a business need, shall be granted access to the company’s production networks.
- The company’s guests may be granted access to guest networks after registering with office staff without a documented request - guest network management.
Removal media encryption
- Research removable media encryption and figure out if removable media should be implemented and make sure it is always encrypted.
MFA reset and debugging
As we are enabling MFA for more and more applications that we have, more people are likely to have issues with it as the business moves forward.
- Different online applications will have different ways of handling the MFA reset; a system admin should be familiar with all.
Website watcher configuration and email issues
- Software like Website Watcher keeps having email issues, as it sends emails in huge numbers every day. The system administrator must keep an eye on the emails and fix issues promptly as and when they arise.
Office network management
- System admin can help in creating guest networks in the office and making sure that the network is as secure as possible.
Phishing emails
- Finding the optimal solution to prevent phishing emails from getting delivered.
- Verifying emails sent by our staff to check for phishing emails.
Security incidents handling
- System admin must monitor incident and event tickets and assign severity tickets.
- Continuous checks to ensure the security incident policies are being followed and up to date
- A root cause analysis report must be documented and referenced in incident tickets.
- A central "War Room" will be designated for handling security threats. This may be a physical or virtual location (i.e., Slack channel) and managed by the system admin.
- Conducting recurring Incident Response Meetings until the incident is resolved (as per the company's established norms)
Implement password policy
- Password policy must be in place to ensure that users are using secure passwords that are not easily crackable.
Add-ons:
- Devops is a plus point
At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.
Responsibilities:
- Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
- You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
- You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
- You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
- You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
- Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members
Minimum qualifications:
- BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
- Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
- Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
- Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
- Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
- Good understanding of complexities and security challenges in large-scale distributed systems
- Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
- Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
- Excellent written and verbal communication skills
- Strong interpersonal, team building, and mentoring skills
Job Description
Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)
Responsibilities:
Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.
Understand APT groups, Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypothesis and perform active threat hunting.
Minimum Requirements:
10+ years of overall experience, 7+ years of experience in cyber threat intelligence, malware analysis (Reverse engineering)
Hands-on experience with writing threat hunting hypothesis & active threat hunting
Experience with YARA rule and OpenIOC signature creation.
Experience with multi-tiered mission-critical systems.
Experience in opensource sandbox and honeypots.
Preferred Certification
GIAC Cyber Threat Intelligence (GCTI)
C| TIA (Certified Threat Intelligence Analyst)
CCTIA by the NICCS
• Handling critical incidents/escalations, reviewing incidents and tracking towards closure • Good experience in SIEM tools, event logging and event analysis • Good knowledge in enterprise security products like Firewalls, IPS, Web/content Filtering tools, Compliance tools • Team Management, performance monitoring and prepare reports on weekly, monthly basis and share to stakeholders as needed • Good knowledge about common security attacks, targeted attacks • Good experience in forensic analysis, Packet Analysis tools like Wireshar • Assisting, mentoring L2/L3 analysts and groom them to move to next level • Contribute to continue monitoring and improvement of security posture of the organization • Having experience of managing team of 25+ team members across multiple locations.
|
• Primarily responsible for security event monitoring, management and response • Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring • Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs • Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center • Management, administration & maintenance of security devices under the purview of SOC which consists of state-of-the art technologies • Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring • Responsible for integration of standard and non-standard logs in SIEM • Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. • Co-ordination with stakeholders, build and maintain positive working relationships with them
|
Responsibilities:
The Senior Information Security Engineer is responsible for the implementation, execution and maintenance of technology solutions to mitigate risk, to protect the IT and Engineering environments by reducing the probability of, and to minimize the effects of, damage caused by malware, malicious activities and security events.
The individual will help protect the company by deploying, tuning, and managing security tools across the computing environment, as well as provide security incident response cycle support. They should have a passion and skills for identifying the latest cyber threats. The individual will:
Basic Qualifications
- Working knowledge of infrastructure-as-code and CI/CD pipelines tools (i.e. Jenkins, Teamcity, CircleCI etc..)
- Lead and participate in major day-to-day operational aspects of the security engineering team including improvement of current security controls while constantly identifying areas of needed improvement
- Deep hands-on security experience with cloud providers, such as AWS, GCP, Azure
- Understanding of automated security testing approaches and tools
- Experience with proactive integration of security into the development process
- Lead continuous improvement efforts of out security tools and systems (Concertation on SIEM, IDS, EDR Tools)
- Work with our customers (Security Operations, Incident Response, and Product teams) to incorporate high quality security alerting into their operational workflows
- Improve overall security practitioner efficiency through process automation
- Foster and promote collaboration among all members of the IT, Infrastructure, and Risk Management Departments.
Minimum Qualifications/Requirements
- BS or MS in Computer Science or related field
- Minimum 7+ years of cybersecurity experience
- Must have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
- Experience in deployment, development, and maintenance of SIEM
- Experience writing and using Ansible server administration scripts, and create simple Python, BASH, or Powershell scripts to automate cybersecurity functions
- Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
- Experience with managing endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
- Understanding the investigative process and performing triage for cybersecurity incidents
- Experience maintaining industry leading security technologies or infrastructure systems in complex technical IT operations environment
- Must be detail-oriented and organized with ability to handle competing demands while meeting deadlines
- Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
- Proactive and motivated; team player with a positive can-do attitude
- Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
- Ability to communicate technical concepts to a broad range of technical and non-technical staff
- Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change
What you will be doing:
- Participate in network and security initiatives, network designs, project plans, and deployments as well as coordinating technical issues with vendors and internal teams
- Contribute to design, installation, maintenance, vulnerability remediation, and monitoring of network and security systems
- Responsible for expert-level troubleshooting of any problems relating to global issues - participation in security incident management and response.
- Providing support and guidance to Technology teams across network and security technologies.
- Adhere to IT access-management incident response and change control procedures (ITIL)
- Continuous documentation of the IT network infrastructure including technical specifications, design documents, roll-out, and disaster recovery plans
What we are looking for:
A Network Security engineer with a solid comprehensive background in:
- Ability to manage, supervise and delegate multiple tasks
- Strong experience with SIEM and log management
- EDR (Endpoint Detection and Response - especially in Microsoft ATP, Defender or SentinelOne) configuration and management.
- Vendor management; including SOC (Security Operations Centre) providers
- Global Security Incident management support
- Experience in SD-WAN (Meraki) management and troubleshooting
- Knowledge of network security, hardening network equipment, and vulnerability scans
- Experience in Microsoft security and endpoint management tooling such as MCAS and MEM
- Excellent troubleshooting skills. Ability to rapidly identify respond to and resolve issues
- Proven experience in remote access technologies (ZScaler an advantage)
- Excellent communication skills (written and verbal).
- An ability to work under pressure and take ownership of tasks and customer issues.
- Ability to work individually and as part of a global Infrastructure Technology team with regional teams in India, UK and North America.
Information Security Specialist
Notice Period: 45 days / Immediate Joining
Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA.
We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.
It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges.
Key Qualifications
· Design, deploy, and support Information Security Solutions provided by BDS
· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms
· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.
· Research and strategic analysis of existing, and evolving all IT and data security technologies
· Establish baselines to define required security controls for all infrastructure components and application stack
· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.
· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts
· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up
· Must be able to work a flexible schedule during off-hours
Key Skills & Qualification
· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance
· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)
· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk
· Exposure of the security audit tools on public cloud platforms
· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture
· Certified Ethical Hacker would be a plus
· Handling of Security audits is a must
· Proven interpersonal skills while contributing to team effort by accomplishing related results
· Passion for learning new technologies and the ability to do so quickly.
http://www.banyandata.com" target="_blank">www.banyandata.com
this IT company is looking for candidates for this profile.
IT Security Manager- 8-12 Years
NOTE - We are looking for those candidates who can join immediately or within 15-20 days of the notice period.
Key Responsibilities:
• Lead IT security projects including design and implementation of security infrastructure &software
• Experience working with Linux/UNIX administration"
•
• Define next gen IT security strategy, architecture, and processes for the group
• Analyse business requirements by partnering with key stakeholders across the organization to develop security solutions
• Lead validation of BCP & DR as per the organizational needs
• Experience with framing apolicies, processes and procedures and their implementation of IT Security for both On premise and Cloud infrastructure
• Write or review security-related documents, such as incident reports, proposals, and tactical or strategic initiatives.
• Maintain and manage security for all existing and new IT infrastructure and Applications
• Monitor security performance of information technology systems to drive cost and productivity levels, and to make recommendations for improving & standardization of the IT infrastructure
• Develop strategies for infra and application hardening
• Hands on experience with implementation of various security products & infrastructure
• Testing, troubleshooting, and modifying and ensure no performance impact on the systems so that they operate effectively
• Prepare plan and strategies to ensure security of the organization including both high and low risk events.
• Develop budgets for security operations and new initiatives.
• Coordinate security operations, Audit & Compliance activities along with law enforcement and government agencies.
• Ensure completeness of documentation and have exposure to ISO 27001, ISMS policies
• Work with key IT service providers to ensure industry standard platform, network and endpoint security posture
Key Skills required:
• Critical Infrastructure Management- (Manage SPI, Certification resources and infrastructure)
• WAF – Barracuda, Cloudflare, Akamai
• Cloud Security – AWS and Azure are preferred
• Work with Software and teams in resolving vulnerabilities
• SSL and PKI infrastructure management
• SIEM – Event Management, Endpoint Management, Threat analysis, patch Management
• Anti-Virus (VDC and Global Endpoints)- Web content filtering, Definition updates,
• Time Monitoring – system health checks and resource utilization checks, SIEM log analysis
• Log Monitoring and Log Analysis – collect, alert, store, search, report and share system and WAF logs
• Manage compliance – PCI, ISO
• Ability to work in global environments with teams spread globally
• Multi-tasking and time-management skills, with the ability to prioritize tasks.
• Highly organized and detail oriented.
• Excellent analytical and problem-solving skills.
• Experience with framing policies, processes and procedures and their implementation of IT Security for both On premise and Cloud infrastructure
experience with policies
• blue team (any experience with defending the network)
any experience with vulnerability assessment and PT
Credit cards haven't changed much for over half a century so our team of seasoned
bankers, technologists, and designers set out to redefine the credit card for you - the
consumer. The result is OneCard - a credit card reimagined for the mobile
generation. OneCard is India's best metal credit card built with full-stack tech. It is
backed by the principles of simplicity, transparency, and giving back control to the
user.
The Engineering Challenge
“Re-imaging credit and payments from First Principles”
Payments is an interesting engineering challenge in itself with requirements of low
latency, transactional guarantees, security, and high scalability. When we add credit
and engagement into the mix, the challenge becomes even more interesting with
underwriting and recommendation algorithms working on large data sets. We have
eliminated the current call center, sales agent, and SMS-based processes with a
mobile app that puts the customers in complete control. To stay agile, the entire
stack is built on the cloud with modern technologies.
Check out our apps here:
OneCard (Best credit card app) : www.getonecard.app
OneScore (5 million downloads): http://www.onescore.app" target="_blank">www.onescore.app
Security Compliance Lead
Opportunity:
Opportunity to build GRC practice grounds up for new Age Fintech startup, lead and
implement PCI-DSS, ISO-27001, RBI compliances
What you will do:
● Be SME for all applicable regulations, guidelines and industry best practices
to manage risk and ensure compliance.
● Be the single point of contact for all external entities related to Security and
Compliance communications.
● Owner for all security documentation such as policies, standards, and
procedures.
● Owner for driving security controls across all organisation functions.
● Build continuous assessment practice which is superset of all required
regulatory compliance.
● Manages and supports Information Security Risk Management Life-cycle for
the organization.
● Provide adequate security and compliance against specific standards such as
NIST 800-53, NIST 800-171, ISO 27001, SOX, PCI, HIPAA and other
regulatory requirements.
● Identifies and formally documents deviations from published standards,
estimates risk level, recommends appropriate mitigation countermeasures in
operational and non-operational situations.
● Identify potential areas of IT compliance vulnerability and risk; guide the
accountable stakeholders to develop/implement corrective action plans for
resolution, and provide general guidance on how to avoid or deal with similar
situations in the future. Risks should be identified, assessed and monitored on
an ongoing firm-wide and individual entity basis
Experience Range:
4-8 years of experience in Cybersecurity & Risk Compliance Domain in areas
including and limited to: System Security, Network Security , SOC, Risk &
Compliance Management
Technical Expertise:
● Auditing experience in ISO-27001, SOX, NIST, PCI-DSS
● Experience with AWS Security and Compliance.
● Prior experience in the Banking and Financial domain is nice to have.
● Proven experience in Endpoint Security, Network Security, SIEM,SOC
Advanced security tools – SOAR platform, Vulnerability Management, SIEM
● Experience building Threat Modeling practice
● Strong communication skills
We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.
Roles & Responsibilities:
- Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
- Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
- Managing penetration tests and security reviews for core applications and APIs.
- Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
- Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
- Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
- Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
- Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
- Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
- Investigate privacy breaches.
- Educate employees on data privacy & security.
- Prioritize security requirements based on their severity of impact and product roadmap.
- Maintain a balance of security and business values across the organisation.
Required Skills:
- Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
- Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
- Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
- Experience in Log Management, Security Event Correlation, SIEM.
- Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.
Good to Have Skills:
- Online Fraud Prevention.
- Bug Bounty experience.
- Security Operations Center (SOC) management.
- Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
- Experience / Knowledge on tools like Fortify and Nessus.
- Experience in handling logging tools on docker container images (ex. Fluentd).
Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting