Talent.com
Information Security Engineer

Information Security Engineer

ConfidentialPune
30+ days ago
Job description
  • Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels
  • Support AWS, Azure, and Google cloud operations in securing the public cloud environments
  • Configure and troubleshoot IAM policies, Security Groups, Service Control Policies, Role based access control, and Managed Service Identities
  • Tune-in and configure SIEM performance and events data quality to maximize log correlation efficiency
  • Work closely with the network team to implement and maintain network access control technologies
  • Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks
  • Expertise in shell scripting and other programming languages, such as Python and Power Shell
  • Proficiency in understanding and using regular expressions (regex)
  • Solid understanding of REST / SOAP / WSDL / XML (Web Services), HTTP Request Methods.
  • Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001
  • Guide the network and operations teams in implementing security best practices
  • Work with network, and systems engineering teams to promote automation, automated monitoring and administration functionality
  • Implement, and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management
  • Support the efforts to develop operational best practice procedural documentation for operations staff
  • Assist in the development and documentation of various systems, policies, procedures, and customer deliverables
  • Research new products and make appropriate recommendations
  • Develop and design project plans, tasks and timelines and then provide verbal and written status reports as directed
  • Conduct on-going security assessments, document and track findings and remediation activities
  • Provide on-call support as needed

    • Qualifications

    • BS in Computer Science, Engineering or related field desired
    • Minimum 3 years of experience supporting enterprise level environment
    • Must have a good understanding of the following : Log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, Log Rhythm, Splunk, etc.), IDS / IPS technologies, Vulnerability Scanners (Nessus, Qualys, etc.) and other related technologies
    • Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc.
    • Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud
    • Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX. etc.
    • Demonstrated knowledge of one or more of the following systems : Linux, Windows, or Mac OS
    • Working knowledge of firewall and web filtering technologies
    • Experiences practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment
    • Excellent verbal and written communication, presentation, and interpersonal skills
    • Able to define, document and support systems, policies, and procedures
    • Excellent analytic, problem solving and troubleshooting skills
    • Good knowledge and experience designing network, system and application security architectures
    • Ability to efficiently handle multiple projects with shifting priorities
    • Able to anticipate and mitigate risks as well as define architectural solutions

      • Skills Required

      Network Security, Penetration Testing, Incident Response, Vulnerability Assessment, Malware Analysis, Cloud Security

    Create a job alert for this search

    Information Security Engineer • Pune