Consultant at Populus Management Services Private Limited
Views:67 Applications:3 Rec. Actions:Recruiter Actions:3
Security Engineer (7-12 yrs)
Qualifications & Requirements:
- Experience in Threat modelling
- Experience in Web application
- Experience in Cloud security
- Experience in Writing codes pertaining to security
- Experience in Devsecops
- Bachelor's degree in Computer Science, MIS or IT Security. A Master's Degree is highly desirable
- Industry certification such as Security+, CBCP, CISA, SCNP, CCNA Security, and /or CEH
- Solid understanding of security and network infrastructures - switches, routers and firewalls; TCP/IP networking theory
- Expert knowledge of container security and secrets management (Docker/Kubernetes/AKS/Service Meshes)
- The Security Engineer will, Under general supervision, performs a wide variety of duties in support of technical or administrative assignments using established procedures.
- May assist in the preparation, presentation, and follow-up of proposals with supervision.
- May also participate in activities in support of multiple projects.
- Independently performs work as assigned by Management. Employee has limited autonomy for an assigned area or responsibility within a function.
- Interacts daily with supervisor, peer groups, and customers. Interaction normally involves exchanges or presentation of factual information.
- The candidate will be part of the Information Security team responsible for Security platform engineering, Operation and audit for the company.
- Areas of focus will be a combination of day-to-day security operations and strategic architecture of the company data center and customer environment.
- Assisting software development teams in securely architecting/operating their software applications by aligning to the SE secure software development principles, industry-standard methodologies, and compliance and privacy requirements.
- Assisting and coding Security aspects if required using various open source tools.
- Build, promote and scale the best DevSecOps practice across the company globally and drive adoption of tools and practices as the teams to transform to DevSecOps.
- Always look for opportunities to optimize, automate and secure the daily workflow
- Understand the life cycle of information as it pertains to Security
- Intermediate knowledge of Security Audit Process
- Expert knowledge of Business Continuity plans/Disaster recovery
- Understand Risk assessment and risk treatment plans
- Analysis of the organization's threat landscape and ability to define holistic security solutions
- Security infrastructure management and architecture - the operation of a security management infrastructure which supports different types of Security products
- Intrusion Prevention System
- Endpoint Security
- Vulnerability and Penetration testing
- Network Data Loss prevention
- Public Key Infrastructure design
- Web Content Filter administration
- Security Information and Event Manager design and development
- Support the planning, design and implementation of these security solutions