21+ Security Information and Event Management (SIEM) Jobs in India

Fynd is India’s largest omnichannel platform and multi-platform tech company with expertise in retail tech and products in AI, ML, big data ops, gaming+crypto, image editing and learning space. Founded in 2012 by 3 IIT Bombay alumni: Farooq Adam, Harsh Shah and Sreeraman MG. We are headquartered in Mumbai and have 1000+ brands under management, more than 10k stores and servicing 23k + pin codes.

We're looking for an SDE I/ SDE II- DevSecOps to join our Engineering Team. The team builds products for 10M+ Fynd users and internal teams. Our team consists of generalist engineers who work on building modern websites (SPA & Isomorphic), mobile apps for Android & iOS, REST APIs and servers, internal tools, and infrastructure for all our users.

What will you do at Fynd?

• Build a Culture around Security Engineering at Fynd</li><li>Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture.
• Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.
• Drive a DevSecOps culture in the organization by implementing shift left security culture.
• Conduct security reviews, auditing, penetration testing, risk assessments, vulnerability assessments, threat modeling.
• Install, configure, manage, and maintain mission-critical enterprise applications such as AV, patching, SIEM, DLP, log management and other technical controls. Troubleshoot security system and related issues
• Should have good understanding in working on CSPM
• Should have good understanding in different Services of AWS & GCP, Also need someone who should know DNS.
• Improve Cloud, Application ,Kafka, Database security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for Cloud
• Run security automation tools for periodic scans - SAST, DAST, Infrastructure scanning, Compliance check 
• Adhere to OWASP guidelines and bring the OWASP maturity model at organisation level.
• Strong understanding of network concepts including TCP/IP, HTTP and TLS, DDoS detection/prevention, and network and host anomaly detection through both automated (NIDS/HIDS) and manual means.
• A good knack for automating infrastructure security as much as possible

Some specific requirements

• Need to have a professional experience of at least 3-4 years acquired in monitoring and improving DevSec Ops tools and processes
• Extensive knowledge in assurance tools such as Fortify, OWASP ZAP, Sonarqube, Open source automation tools and their integrations into CI/CD cycles.
• Understanding of Zero Trust policy and its implementation.
• Identify security weakness across multiple programming languages like Python, Node JS, Java, Go, Javascript, HTML etc
• Participate in incident handling and other related duties to support the information security function.
• Ability to drive security automation and DevSecOps within engineering life cycle, as well as vulnerability/bug remediation
• Good to have audit experience across compliance certifications like ISO 27001/ISMS/PCI DSS / SoC 2
• Experience in Kubernetes Infra, Cloud deployment technologies - AWS, GCP

Summary:

● We are seeking a highly motivated and experienced Cyber security

● Expert to join our team. You will be responsible

for safeguarding our IT infrastructure, data, and applications from cyber threats.

● You will have a deep understanding of server, endpoint, mail, and infrastructure security and possess strong incident response skills.

● Additionally, you will be well-versed in relevant regulations and how to navigate them during data breaches.

Responsibilities:

● Implement and maintain comprehensive security controls for servers, endpoints, mail, and infrastructure.

● Conduct regular vulnerability assessments and penetration testing.

● Monitor security logs and SIEM systems for suspicious activity.

● Investigate and respond to security incidents, including data breaches.

● Develop and implement incident response plans and procedures.

● Stay up-to-date on the latest cyber threats and vulnerabilities.

● Provide security awareness training to employees.

● Advise on and implement security best practices throughout the organization.

● Understand and comply with relevant data privacy and security regulations (e.g., HIPAA, GDPR, PCI DSS).

● Work collaboratively with IT, business units, and legal teams.

Be the face of Metron Security for multiple customers:

• Gain a deep understanding of the customer's platform and the platform they want to integrate with.
• Understand customer requirements around the integration.
• Design the best approach with easy-to-use UX for the integration after discussing with the Solution Architect/Director of Engineering.
• Communicate the timelines and deliverables with customers in regular calls (Typically we do weekly calls).
• Jump on technical support calls and try to solve the issues on-call (with help of Team leads/developers/QA).
• The ultimate goal for you is to build deep expertise around security platforms to deliver high-quality custom automation solutions. This will happen over the first 3 months, but in the end, you should be able to converse with any Product Manager on the client side like a peer. This means understanding their problem and suggesting solutions based on your experience and study.

2. Play as a bridge between the Customer and Development team:

• Make sure the team is not blocked if they have any queries for the customer. For situations where the customer is unsure, you need to take the most logical decision and move ahead.
• Ensure to train the team to handle the customer calls.
• Teach, mentor, grow and provide advice to junior developers and recruits in the team.
• Solves technical problems of the highest scope or complexity for clients.
• Make sure the team works on the items, which are important for the customer.

3. Ensuring our company culture remains on target:

• Customer Delight - All of our customers are delighted with our work. Just being “satisfied” is not enough. All of our customers come back to us for repeated work - this is possible only through excellent on-time and quality delivery. We take pride in being respected as peers in the industry (unlike many other firms where the Indian development center is subservient to clients).
• On-time delivery with excellent quality. Every single time.
• Platform agnostic-We take pride in building on whatever language (Python, C#, Java, JavaScript) and platform that the customer wants.
• Reward-based- Anyone showing initiative and delivery will be rewarded with rapid promotions. We do not have a culture of “You get this designation if you have X years of experience”.
• Sane working hours - No work on weekends, only sporadic evening calls.

4. Being hands-on. You should be able to solve deep technical problems for the team when the team leads cannot.

5. Be updated with the pulse of the customer and raise it with management:

• Deliveries are going to miss with significant delays.
• Customer changed the requirements significantly.

6. Lead to build and maintain a documented knowledge base about the different Cyber Security Platforms (with help of the development team members).

Metron Security has built integrations/connectors/parsers for over 100+ security platforms and we are on track to cover over 200+ platforms by the end of this year . To succeed in this role, we believe you need the following:

1. A positive go-getter attitude to take on any new platform and get into the weeds
2. Being programming language agnostic
3. A hacker, and a problem solver
4. Good Time and Task Management
5. Quick Learning Ability
6. A Good Team Player

As an Enterprise Security Architect you will join a growing organization to lead a modern enterprise security program. In this role the Architect will have responsibility for identifying, defining, developing, leading security technology strategy across a broad portfolio of IAM, Cloud, End Point, Network, Web security and related technology systems, and the assessment of new and emerging identity technologies at the very large enterprise scale.

As a senior member of the team you will engage and partner with senior leaders across the organization leveraging your extensive background in (managing / delivering / implementing / architecting) security technology combined with expertise in organizational and cross-functional communication to develop strategy, influence roadmaps, solution adoption, champion strategic opportunities / execution plans with the aim to improve security capabilities, reduce risk and position forward looking identity governance and security enhancements

• Responsible for defining an architectural vision and architecture for large complex solutions, which aligns with the enterprise architecture strategy, technology and platform choices

• Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities

• Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions

• Contributes to best practices, standard templates, and the architecture roadmap for defined domains.

• Creates endpoint/host, workplace productivity security reference architecture and design patterns for reusability.

• Contributes in the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap

• Contributes to the development of best practices including standardized templates

• Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog

• Works with Product Manager/Owner to plan and prioritize technology focused backlog items for the architecture runway to enable business epics/features and expand into new opportunities

• Clarifies the architecture for the development teams to support implementation, and provides solution options to resolve any architectural impediments

• Performs design and code reviews to ensure all non-functional requirements for a solution are sufficiently met (e.g. security, performance, maintainability, scalability, usability, and reliability)

• The platform security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.

• Develop blueprints and procedures to effectively secure company data against accidental or unauthorized modification, destruction or disclosure.

• Create and define the security architectures and roadmaps encompassing cloud architecture, access management, and monitoring.

• Design and develop data security architectures for cloud and cloud/hybrid-based systems.

• Align architectural design technical controls and solutions to industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)

What are we looking for?

We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.

Requirements:

• 10+ years of hands-on experience with scoping, sizing, designing, architecting & building IAM solutions across various technologies, or demonstrated ability to meet job requirements through comparable work experience.

• Expert level knowledge of authentication/authorization standards, protocols, and frameworks such as FIDO, OpenID, SAML, OAuth, JWT, CA, X.509, MTLS, etc.

• Technical expertise and experience with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and IDM integration across domains

• Solid understanding of Cloud concepts and hands on knowledge on Azure/AD or other cloud identity environments.

• Experience designing and implementing security services and tools applied to GCP, Azure and AWS

• Expertise with Data Loss Prevention and CASB strategies and solutions supporting security of critical SaaS solutions such as Office 365, etc.

• Experience with Hybrid cloud architectures and designs

• Must have experience with Internet Application Hosting architectures, best practices and related technologies to effectively protect externally facing applications

• Experience with DevSecOps process, Container technologies (Docker, Kubernetes), API Gateways, and other common web application technologies is preferred

• Strong knowledge of enterprise security concepts/frameworks and products, secure design principles and best practices

• Strong verbal and writing skills to develop technical documentation and presentations

• Experience in leading technical architecture and security design discussions

• Experience managing multiple multi-level stakeholder relationships

• Bachelors in Computer Science, Computer Engineering or related field

“Such other task that Company may assign you time to time”.

Position Title: Manager – Security Operations Organization /Function: Manager is responsible for day to day operational and project delivery for a set of customers Relevant Experience: 10+ years of experience in security area and at least 2 years as Security manager Educational Qualification: BE/B.Tech/ME/M.Tech/Graduate/Master in any stream with excellent academic record

Must-have Skills: • Must know common security policy frameworks and possess knowledge of how security programs are run at mid to large scale companies • Must have managed a team to deliver “Managed Security Service” or “Security Operations Center” • Prior working Background in either SIEM tools (Splunk, ArcSight, QRadar, DNIF etc.) or Vulnerability assessment and Management tool (Qualys/Rapid7) and process • Has broader context and understanding of managed security services • Must have service mindset and empathy. Must deal with a level of ambiguity, chaos and apparent stubbornness from customers, and manage around it by thinking through the issue or request from the customer’s perspective to drive to a reasonable conclusion • Must have prior experience on Project Management • Must have prior experience of onsite-offshore delivery model and should have directly worked with US/European customers or colleagues • Must have ITIL process knowledge

1.Triage of security alerts that includes but not limited to malware, denial of service, unauthorized access, etc.

2. Conduct incident investigations on SIEM tools.

3. Perform threat hunting on networks to detect and isolate threats.

4. Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems)

5. Continuous optimization, tuning and monitoring of SIEM solution

6. Hands on experience around administrating and threat hunting on EDR, XDR, DLP and SIEM tools.

7. Ability to analyze endpoint, network, and application logs

8. Identify false positives, analyse reported spam, phishing, and suspicious emails and understanding of email security concepts: SPF, DMARC, DKIM

9. Immediate Joiners

We are looking for a capable System Administrator to take over all aspects of the configuration and maintenance of computer systems. A System Admin should be able to diagnose and resolve problems quickly and should have the patience to communicate with a variety of interdisciplinary teams and users.

Monitoring and reporting all points mentioned below.

Ensure Security updates are installed:

• Regularly checking whether the Antivirus software is updated for users.
• Regularly monitor platforms like Google to ensure everybody is using up-to-date applications with no security issues.
• Regularly Email users about the security updates that they need to install on their laptops and PCs.

Antivirus

Centrally managed antivirus should be installed on all laptops and mobile devices. 

• Adding a purchase request for any additional licence that we might require.
• Pushing new software updates on users’ laptops.
• Keeping up-to-date with antivirus updates so all our devices are secure.
• Miradore user agent 

Mobile device and access management

• Set rules and configure settings on personal and organisation-owned devices to access data and networks.
• Deploy and authenticate apps on devices -- on-premises and mobile.
• Protect company data by controlling the way users access and share information.
• Make sure devices and apps are compliant with security requirements.
• Only provide user access to laptops (No admin access, excluding developers)
• All new software installation requests will go through the system admin to make sure nothing is installed on work laptops that poses a security risk.

Vanta compliance-related tickets

• Vanta will continue to monitor and create issues to be compliant with ISO 27K over time. The system administrator must resolve all such system-related tickets.

Access management to different user applications

• Access should be restricted to only what is necessary to perform job duties ("principle of least privilege").
• Technical access to all the company’s networks must be formally documented, including the standard role for approver, grantor, and date.
• Only authorised employees and third parties working off a signed contract or statement of work, with a business need, shall be granted access to the company’s production networks.
• The company’s guests may be granted access to guest networks after registering with office staff without a documented request - guest network management.

Removal media encryption

• Research removable media encryption and figure out if removable media should be implemented and make sure it is always encrypted.

MFA reset and debugging

As we are enabling MFA for more and more applications that we have, more people are likely to have issues with it as the business moves forward. 

• Different online applications will have different ways of handling the MFA reset; a system admin should be familiar with all.

Website watcher configuration and email issues

• Software like Website Watcher keeps having email issues, as it sends emails in huge numbers every day. The system administrator must keep an eye on the emails and fix issues promptly as and when they arise.

Office network management

• System admin can help in creating guest networks in the office and making sure that the network is as secure as possible.

Phishing emails

• Finding the optimal solution to prevent phishing emails from getting delivered.
• Verifying emails sent by our staff to check for phishing emails.

Security incidents handling

• System admin must monitor incident and event tickets and assign severity tickets.
• Continuous checks to ensure the security incident policies are being followed and up to date
• A root cause analysis report must be documented and referenced in incident tickets.
• A central "War Room" will be designated for handling security threats. This may be a physical or virtual location  (i.e., Slack channel) and managed by the system admin.
• Conducting recurring Incident Response Meetings until the incident is resolved (as per the company's established norms)

Implement password policy

• Password policy must be in place to ensure that users are using secure passwords that are not easily crackable.

Add-ons:

• Devops is a plus point

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.

Responsibilities:

• Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
• You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
• You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
• You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
• You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
• Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members

Minimum qualifications:

• BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
• Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
• Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
• Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
• Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
• Good understanding of complexities and security challenges in large-scale distributed systems
• Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
• Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
• Excellent written and verbal communication skills
• Strong interpersonal, team building, and mentoring skills

Job Description

Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)

Responsibilities:

Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.

Understand APT groups, Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypothesis and perform active threat hunting.

Minimum Requirements:

10+ years of overall experience, 7+ years of experience in cyber threat intelligence, malware analysis (Reverse engineering)

Hands-on experience with writing threat hunting hypothesis & active threat hunting

Experience with YARA rule and OpenIOC signature creation.

Experience with multi-tiered mission-critical systems.

Experience in opensource sandbox and honeypots.

Preferred Certification

GIAC Cyber Threat Intelligence (GCTI)

C| TIA (Certified Threat Intelligence Analyst)

CCTIA by the NICCS

Responsibilities:

The Senior Information Security Engineer is responsible for the implementation, execution and maintenance of technology solutions to mitigate risk, to protect the IT and Engineering environments by reducing the probability of, and to minimize the effects of, damage caused by malware, malicious activities and security events.

The individual will help protect the company by deploying, tuning, and managing security tools across the computing environment, as well as provide security incident response cycle support. They should have a passion and skills for identifying the latest cyber threats. The individual will:

Basic Qualifications

• Working knowledge of infrastructure-as-code and CI/CD pipelines tools (i.e. Jenkins, Teamcity, CircleCI etc..)
• Lead and participate in major day-to-day operational aspects of the security engineering team including improvement of current security controls while constantly identifying areas of needed improvement
• Deep hands-on security experience with cloud providers, such as AWS, GCP, Azure
• Understanding of automated security testing approaches and tools
• Experience with proactive integration of security into the development process
• Lead continuous improvement efforts of out security tools and systems (Concertation on SIEM, IDS, EDR Tools)
• Work with our customers (Security Operations, Incident Response, and Product teams) to incorporate high quality security alerting into their operational workflows
• Improve overall security practitioner efficiency through process automation
• Foster and promote collaboration among all members of the IT, Infrastructure, and Risk Management Departments.

Minimum Qualifications/Requirements

• BS or MS in Computer Science or related field
• Minimum 7+ years of cybersecurity experience
• Must have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
• Experience in deployment, development, and maintenance of SIEM
• Experience writing and using Ansible server administration scripts, and create simple Python, BASH, or Powershell scripts to automate cybersecurity functions
• Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
• Experience with managing endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
• Understanding the investigative process and performing triage for cybersecurity incidents
• Experience maintaining industry leading security technologies or infrastructure systems in complex technical IT operations environment
• Must be detail-oriented and organized with ability to handle competing demands while meeting deadlines
• Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
• Proactive and motivated; team player with a positive can-do attitude
• Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
• Ability to communicate technical concepts to a broad range of technical and non-technical staff
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change

What you will be doing:

• Participate in network and security initiatives, network designs, project plans, and deployments as well as coordinating technical issues with vendors and internal teams
• Contribute to design, installation, maintenance, vulnerability remediation, and monitoring of network and security systems
• Responsible for expert-level troubleshooting of any problems relating to global issues - participation in security incident management and response.
• Providing support and guidance to Technology teams across network and security technologies.
• Adhere to IT access-management incident response and change control procedures (ITIL)
• Continuous documentation of the IT network infrastructure including technical specifications, design documents, roll-out, and disaster recovery plans

What we are looking for:

A Network Security engineer with a solid comprehensive background in:

• Ability to manage, supervise and delegate multiple tasks
• Strong experience with SIEM and log management
• EDR (Endpoint Detection and Response - especially in Microsoft ATP, Defender or SentinelOne) configuration and management.
• Vendor management; including SOC (Security Operations Centre) providers
• Global Security Incident management support
• Experience in SD-WAN (Meraki) management and troubleshooting
• Knowledge of network security, hardening network equipment, and vulnerability scans
• Experience in Microsoft security and endpoint management tooling such as MCAS and MEM
• Excellent troubleshooting skills. Ability to rapidly identify respond to and resolve issues
• Proven experience in remote access technologies (ZScaler an advantage)
• Excellent communication skills (written and verbal).
• An ability to work under pressure and take ownership of tasks and customer issues.
• Ability to work individually and as part of a global Infrastructure Technology team with regional teams in India, UK and North America.

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).

Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption 
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting