The Cyber Security Engineer will have an opportunity to own and lead a charter to implement cyber security best practices and drive change within the organization.
He/She will work closely with Product Engineering, Cyber security, Risk Management and Research and Threat Intelligence teams to architect, implement and manage the various cyber security initiatives within the company.
Role and Responsibilities
The Senior Cyber Security Engineer will
Design, evaluate, deploy, manage, and fine tune the security infrastructure services and tools within the organization
Assess and automate cyber security processes for on-premises as well as cloud infrastructure and applications
Manage, monitor and mitigate cyber risks by implementing industry best practices, solutions and processes around cloud infrastructure security, network security, application security as well as data security
Keep UpToDate with advanced threats, vulnerabilities, latest security solutions and risk mitigation strategies used in cybersecurity operations.
Contribute to various internal security initiatives such as Dev-sec-ops, security orchestration and automation etc
Qualifications and Education Requirements
Degree in Computer Science or any Technical Discipline (B. E, B. Tech, BCA, MCA, B.Sc. (IT))
Knowledge, Skills and Experience
At least 8 years of experience in Network Security (Firewalls, IDS, IPS, Endpoint Security)
Must have hands-on experience in at least 3 or more of the following -
cloud security configuration, security monitoring for cloud workloads (AWS, GCP, Azure) and O365 environments
installing, configuring SIEM (such as Splunk, QRadar, or any cloud SIEM, Azure Sentinel, AWS Cloud Watch, GuardDuty, Google Chronicle etc)
Vulnerability Assessment Tools such as Nessus, Qualys
Web Application Firewalls, CDN security
Application security tools such as SAST, DAST, source code review tools such as Checkmarx etc.
Detailed knowledge of securing operating systems, containers and databases
Familiarity with Identity and Access Management Concepts (IAM, SSO etc)
Experience in setting up Dev-Sec-Ops processes successfully using various tools such as Jenkins, Ansible, Puppet, Chef etc will be a huge plus
Ability to automate repeatable security tasks through scripts and custom code
Self-motivated and results-oriented, agile mindset, with excellent interpersonal and communication skills.
Prior experience working with startups in a dynamic environment and SaaS companies would be an added advantage
Certifications (desirable, but not mandatory)
AWS / Azure /GCP security certification (any)
SIEM Certification (any)