Role : Full-Time Individual Contributor (IC)

Location : Remote(Quarterly visit to Noida office mandatory)

Shift : 2:30pm to 11:30 pm (IST)

Experience : 5- 8 Years

Education : BTech/ BE / MCA / MSc Computer Science

Industry : Product Engineering Services or Enterprise Software Companies

Certifications (Mandatory) : CISSP, CISM or Any cloud security certification

Required Experience :

- 5+ years experience with AWS orchestration via Terraform script

- 5+ years experience with CloudWatch/CloudTrail/Guard Duty

- 5+ years experience with AWS WAF

- 4+ years experience with CloudFlare

- 3+ years experience with DataDog

- Experience with PagerDuty

- Ability to make nuanced threat assessments

- Experience in SOPHOS.

- Significant experience with PCI, SOC2, SOX, HIPAA, or other compliance regimes

- Experience in Infrastructure As Code Ansible / Terraform/ CloudFormation

- Hands-on experience implementing various security tools in CI/CD pipeline

- Strong experience with any cloud service provider (AWS Preferred)

- Implement and oversee technological upgrades, improvements and major changes to the cloud security environment.

- Develop solutions, install/configure/integrate IT tools and security processes within an application or organization to help improve the overall IT security posture.

- Set up Static and Dynamic Code Analysis tools, review the results and explain any gaps and potential impact to the teams (development and operations).

- Penetration testing and container security.

- Evaluate and analyse threat, vulnerability, impact and risk to security issues discovered from security assessments.

- Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement

- Creating and managing security strategies

- Oversee information security audits, whether performed by organization or third-party personnel

- Develop, maintain and publish up-to-date information security policies, standards and guidelines.

Key Responsibilities :

- Work independently with vendors and collaborate with colleagues

- Experience negotiating remediation timelines and/or remediate found issues independently

- Ability to implement vendor platforms within CI/CD pipelines

- Experience managing/responding to incidents, collecting evidence, and making decisions.

- Working with vendors and HM Teams to deploy criteria within WAF and fine tuning it according to applications needs

- Multitasking and continuous ability to provide a high level of concentration for assigned projects.

- Good working knowledge of AWS security in general and familiarity of the AWS native security tools

- The candidate should be experienced and articulate, who is not going to get discouraged, despite meeting roadblocks, and will continue promoting security within the company.

- Ability to create DevSecOps security requirements while working on a project

- Ability to articulate security requirements during the Architecture meetings and working hand in hand with HM Applications and DevOps Principal Engineers

Behavioral competencies required :

- Must have worked with US/Europe based clients in onsite/offshore delivery model

- Should have very good verbal and written communication, technical articulation, listening and presentation skills

- Should have proven analytical and problem solving skills

- Should have demonstrated effective task prioritization, time management and internal/external stakeholder management skills

- Should be a quick learner, self starter, go-getter and team player

- Should have experience of working under stringent deadlines in a Matrix organization structure

- Should have demonstrated appreciable Organizational Citizenship Behavior (OCB) in past organizations