Your Role
We are growing rapidly in the US with acquisitions and in the US Government space. We are looking to expand our US security team with talented people. We at Innovaccer are looking for a Security Engineer-III who will be responsible for performing real-time monitoring, analysis of security events, and administration of Security tools. This role will encompass the use of a broad range of security domains (Endpoint Security, Data Security, Cloud Security, Corporate IT Security, VAPT, Automation, Identity and Access Management). This role would be a great opportunity to learn and grow as you would be exposed to multiple security domains at a single time.
A Day in the Life
- Collaborate in the design, implementation, and support of the IAM technologies.
- Performing User Access Reviews
- Reviewing IAM roles and performing config audits on cloud infra.
- Proficiency in Black box pen test along with Gray & White box Pentest
- Exposure to Red Teaming is a must.
- Vulnerability Assessment & Penetration Testing
- Conduct Penetration testing on Cloud or On-premises infrastructure.
- Familiarization with AWS, Azure & GCP
- Data Center audit includes exposure to risk assessment, vulnerability assessment & pen test.
- Triage, Investigate, document, and report on information security events.
- Administration and maintenance of security solutions such as Antivirus, Host Intrusion Detection Systems (HIDS), Network Intrusion Detection Systems (NIDS), and Security Information and Event Management (SIEM)
- Integration of devices like Linux and Windows machines, Antivirus, Firewalls, IDS/IPS, Web Servers, etc.
- Exposure to Kubernetes & containers is highly desirable.
- Integrate security tools and practices within the Kubernetes infrastructure.
- Auditing BCP & DR & exposure on implementation if BCP & DR plan
- Conduct security assessments on infrastructure and deliver reports detailing assessment observations and associated recommendations for information security program development to meet security and compliance standards.
- Governance of Cloud Infrastructure (AWS/Azure/GCP)
- Work closely with DevOps, Engineering, and Product departments to remediate security-related issues and incidents.
- Strong skills in network Security & cloud security
- This role requires being available on call during weekends and off-hours.
- CEH, OSCP, OSCE, Security+ and other likewise security certifications are desirable.
- Writing Automation scripts and contributing inhouse development would be an added advantage.
What You Need
- Bachelor’s degree in information technology, Computer Science Engineering preferred.
- Prior experience with core security technologies (Kali Linux, Network Security, Nessus)
- Strong understanding of TCP/IP Protocols, network analysis, security applications and devices, vulnerability management, and standard Internet protocols and applications.
- Proficient with OpenVAS, Nessus, Nmap, etc.
- Experience in Cloud Security AWS Security Hub, Azure Security Center
- Familiar with Amazon AWS/Microsoft Azure services as an IaaS/PaaS containers (Dockers/Kubernetes)
- Reporting & incident management
- Able to work independently, being a team player, ability to work well under pressure.
- Able to multi-task, prioritize, and manage time effectively.
- Collaborates effectively and communicates efficiently.
- Work in 24x7 environment.
- Proficient in opensource tools & technologies.
- Ready to take up more responsibilities along-with existing role.
- Self-motivated individual with a knack for challenges