Posted: 1 week ago
On-site
Full Time
Development, implementation, monitoring, maintenance, and management of threats, security controls, processes, procedures and systems. Provides trusted advisor overview and management for information security projects and technical requirements. Provides threat management support for firewalls, intrusion detection systems, enterprise anti-virus, web application firewalls, and log monitoring tools. Manages internal/external vulnerability management program and oversight for code reviews or application security scan reviews as part of the Application Security management program. Manages the company’s Incident Response process in coordination with managed SOC vendor to monitor and respond to security alerts from all assets storing, processing, transmitting company confidential/sensitive data including PCI and PII data assets. Provides technical expertise in support of information technology assessments, penetration tests, and/or audits (PCI/SOX/HIPAA/other) of organizational automated systems and processes and will play a critical role in designing, maintaining and enhancing our organization's cybersecurity posture. Works closely with cross-functional teams to identify and implement robust security measures, detect and respond to security incidents, and ensure the overall integrity and confidentiality of our systems and data.

Essential Duties and Responsibilities

Other duties may be assigned. In the event of absence, duties for this position will be overseen by the position to which it reports.

• Conducts analysis, develops technical and programmatic assessments, evaluates security engineering and integration initiatives and provides technical support to facilitate compliance with security policies, procedures, standards and guidelines.
• Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
• Analyze and review recent industry breaches for preventive cyber breach strategies.
• Provide threat intelligence research related to malware/virus identification.
• Responsible for reviewing and approving corporate, PCI in-scope firewall requests and WAF changes; perform WAF tuning as necessary.
• Monitor, report, and aid in the resolution of all security-related problems and discrepancies by monitoring assigned systems, maintaining documentation and providing management and any other appropriate areas with reporting as requested.
• Manage WAF, intrusion detection systems and, in coordination with vendor SOC, ensure sufficient coverage to monitor PCI, PII, and all other assets storing, processing, transmitting company confidential/sensitive data. Ensure alerts from current and future systems are properly designed and monitored.
• Manage internal/external vulnerability management program and as appropriate expand scope of vulnerability scans, application/network penetration tests to cover enterprise and all systems/environments storing, processing, transmitting company confidential/sensitive data.
• Monitor intelligence sources for newly identified vulnerabilities, evaluate the risk such vulnerabilities pose to the organization's information and systems, and advise management of appropriate measures to eliminate or reduce the organization's risk or exposure to such vulnerabilities.
• Performs both internal/external vulnerability scanning and penetration testing. Analyzes information from those scans, as well as penetration tests, to mitigate and help IT stakeholders address system vulnerabilities.
• Provide technical support/oversight for code reviews or App scan reviews as part of Application Security management program.
• Provide technical support/oversight for security exception request process.
• Provide technical support for incident management and forensics.
• Monitor appropriate industry sources to maintain awareness of new security tools and techniques and research those tools and techniques that have the potential to improve the organization's ability to protect its information and infrastructure.
• Assist in the development of appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization.
• Provide expertise to support timely resolution of findings from information technology assessments, penetration tests, and/or audits of organizational automated systems and processes; as appropriate, develop and communicate recommendations for improvement to management.
• Provide reporting metrics/create and maintain dashboards for department functions.
• Proficient in the use of Word, Excel.
• Assist manager/director in planning, time budgeting and scheduling work for completion.
• Participate in opportunities that enhance personal and professional growth and the accomplishment of career objectives through continuing education, seminars and participation in field-related professional organizations.
• Accountable for execution of assigned tasks from start to finish, while fully leveraging the disciplines expected of a cybersecurity engineer according to department standards, procedures and processes.
• Stay current with emerging issues affecting the Cybersecurity profession.

Qualifications (Include Education and Specific Experience)

• Strong understanding of data network configuration and infrastructure concepts, including TCP/IP, DNS, routers, firewalls, web servers and security hierarchy including the application of encryption key infrastructures and authentication processes.
• Knowledge of cloud security concepts (Azure/AWS).
• Strong experience with IT security standards and best practice frameworks (like ISO 27001/27002, NIST/NIST CSF, ITIL, PCI, SOX).
• In-depth experience working with internet and web application security frameworks like SANS, OWASP.
• Detailed technical knowledge of hardening concepts and audit for Unix, Linux, Windows servers and desktop systems, AWS EC2 instances.
• Excellent understanding of common application, network, and operating system vulnerabilities, current threat vectors and mitigations.
• Strong working knowledge of networking, routing, protocols, ports and services.
• Working knowledge of System Information Event Monitoring (SIEM), Intrusion Detection and Prevention System (IDS/IPS), web application firewalls, vulnerability scanning tools, encryption capabilities, Network Access Controls (NAC), Data Loss Prevention (DLP), NMAP, vulnerability scanners, Wireshark, and other security-related tools.
• Experience working with leading security WAF like Akamai, Cloudflare.
• Experience working with logging and file integrity monitoring tools like LogRhythm, NXLog, Splunk.
• Demonstrated experience in conducting security assessments.
• Demonstrated experience in investigating security issues related to Internet, server, desktop, laptop, tablet, and other mobile device security issues; OS patching, hardening and anti-virus.
• Ability to work with subject matter experts and 3rd party MSSP to coordinate activities to complete security-related projects or tasks in a timely manner.
• Proficient with programming logic concepts, scripting experience (like Python, JavaScript, PowerShell).
• Strong communication and teamwork skills to collaborate with cross-functional teams and convey complex security concepts to non-technical stakeholders.
• Security certifications like CEH or CISSP are desired.
• Bachelor’s degree in Computer Science, Information Security Management, Engineering or equivalent is required.
• 3-5 years of experience in network and application security in a multiple operating system environment.

Job Type: Full-time
Pay: ₹7,000.00 - ₹20,000.00 per month
Schedule: Monday to Friday, Night shift, US shift
Work Location: In person

Cornerstohn Solutions
0.07 - 0.2 Lacs P.A.