Job Description
Role: Cybersecurity
Experience Level: 3-6 Year
Work location: Mumbai, Bangalore & Trivandrum
Role & Responsibilities:
- Develop a complete understanding of a company's technology and information systems.
- Design, build, implement and support enterprise-class security systems.
- Align organizational security strategy and infrastructure with overall business and technology strategy.
- Identify and communicate current and emerging security threats
- Design security architecture elements to mitigate threats as they emerge.
- Plan, research and design robust security architectures for any IT project.
- Perform or supervise vulnerability testing, risk analyses and security assessments.
- Create solutions that balance business requirements with information and cybersecurity
requirements.
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
- Review and approve installation of firewall, VPN, routers, IDS scanning technologies and servers.
- Must have experience in cloud concepts and perform assessment and implementation of new technologies within the cloud.
- Use current programming language and technologies to write code, complete programming and perform testing and debugging of applications.
- Provide supervision and guidance to a security team.
- Define, implement and maintain corporate security policies and procedures.
- Respond immediately to security-related incidents and provide thorough remedial solutions and analysis.
- Regularly communicate vital information, security needs and priorities to upper management.
Skills expectation:
Must Have:
- Experience in automating security tools and processes ensuring innovation and advancement
strategies that keep pace in the areas of access control, security-in-depth, secure transaction
processing, secure coding practices.
- Experience in working in a high paced DevSecOps or SecOps environment with hands-on
experience in Docker, Kubernetes and Cybersecurity tools like IDS, SIEM, SAST/DAST
Scanners, EDR.
- Conduct and facilitate security reviews, threat modelling including deep design reviews
throughout the development lifecycle to identify all the threats the systems are exposed to
and recommended mitigations controls to address those threats.
- Cloud Security and AWS, GCP, Azure (good hands-on experience in at least one of them
preferably GCP)
- Conducting and managing Penetration testing activities on Internal and large scale Cloud
Infrastructure.
- Thorough hands on in performing Threat modelling and Web application security
assessments for Public facing and Internal applications as per OWASP and SANS
methodology.
- Experience in integration ofsecurity at every phase of the software development lifecycle,
from initial design through integration, testing, deployment, and software delivery.
- Third party Security and tooling to support software and hardware security requirements.
- Vulnerability Assessment and Management via Automation.
- Red Team or Blue Team Experience
- Leadership Qualities
- Provide thought leadership to the team and bring industry best practices to the
project.
- Ability to lead technology teams and provide them mentorship / support to
- accelerate performance.
- Ability to handle conflicts effectively by managing internal and external stakeholders
- Experience in leading multiple large projects as well as a deep understanding of
- Agile developments
- Effective communication with all the stakeholdersinvolved.
- Communicate clearly about complex subjects and technical plans with technical and non technical audiences.
- Demonstrated ability to identify risks associated with business processes,operations, technology projects and information security programs
- Risk assessment procedures, policy formation, role-based authorization
- methodologies, authentication technologies and security attack pathologies.
Good to have:
- Experience with Agile/Scrum/DevOps software development methodologies.
- OSCPCertification.
- CISSPCertification.
- CISOCertification.
- CISMCertification.
- CEH Certification.
- CLOUD ARCHITECT CERTIFICATION (CCSP, CCSK) Certification.
- ECSA Certification.
- Security + Certification.
- CCNA Certification.