Job
Description
Requirements 5+ Years of experience in working on Security aspects Must be proficient in understanding various aspects of Application Security in a cloud environment and should have worked on tightening the security at all levels Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand Experience with vulnerability scanning tools (e g , Qualys, Nessus, Nexpose, Saint, AWS Inspector, Kali Linux) Experience in Mobile Application testing including iOS and Android Experience with web application vulnerability scanning tools (Burpsuite Pro, Veracode) Experience with network/infrastructure-level penetration testing Excellent communication skills to collaborate with both external and internal stakeholders to maintain the overall Information Security for KloudGin Must have experience on AWS landscape and understanding of security aspects related to EC2, VPC, CloudFront, WAF, Shield, Secrets Manager, Inspector, CloudTrail, CloudWatch, Systems Manager, IAM, Config, etc Should be aware of various CIS Benchmarks and be able to tighten the application and database servers based on the guidance Experience in Application security and Mobile security Including OWASP technologies, vulnerability research and Mitigation Awareness of CISSP certification will be a plus AWS Certification will be a plus Certification in any of these or similar certifications CEH, ECSA, OSCP will be a plus Responsibilities To manage the Information Security Program and IT Operations at KloudGin To perform web Application vulnerability scans leveraging both tools and manual checks To use both DAST and SAST tools to identify the vulnerabilities and work with the developers to fix and remediate the same To perform application security risk assessments To conduct penetration testing using various tools and block the exposures in coordination with the development teams To manage the Security features of KloudGin application and support the Presale team in responding to prospects about KloudGin infrastructure and security To drive the Security Certification of the KloudGin product based on the above-mentioned security check based on the KloudGin releases To drive the external Audits and Governance at KloudGin including VAPT, SOC Audits, GDPR Reviews To drive and play the Project Manager role for the Disaster Recovery Drill of the application Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood and impact Conduct checks on server level vulnerabilities and adhere to CIS benchmarks for the environments To perform log monitoring using SIEM tools and manage the threats or attacks on the application / network Automation of Secrets management across the application and Environments Continuously enhance the security of the application to meet the industry best practices Review the latest threat in the industry and safeguard the application and environment against the same Manage the Security Onboarding and Offboarding for the employees at KloudGin Manage the IT Operations at KloudGin including end-point security and Antivirus management
