Security and Network Engineer Cloud (VAPT)
Job Location: Pune, Maharashtra.
Industry : IT/ ITeS
Relevant Experience required: 3-5+ years’ experience.
Job Description:
Develop Security automation and APIs in the Public Cloud across the key pillars of security namely IAM, CICD Security, Security Logging, Incident Response, Data Protection, Compliance Validation. Security Analytics, Vulnerability Management, Platform and Application Threat Modelling
Collaborate with Security Platform and Services teams to build and integrate existing security solutions.
Act as an advocate of information security policies, standards and as a mechanism to enable the business effectively while managing risk appropriately.
Cloud & Network Security Architecture Review.
Perform unauthenticated and authenticated vulnerability assessment (VA) assessments of servers, applications, network/security/infrastructure devices as per defined frequency annually.
Perform penetration testing (PT) for internal and internet facing servers.
Create comprehensive assessment report with details of vulnerabilities identified, categorization of the risks by assessment of potential impact and detailed remediation/recommendation for all the identified risks.
Provide technical assistance to clarify the reported issues to the relevant teams and provide required support to resolve the issues. Explain the issues in layman language to the business teams.
Hands on experience in automated vulnerability and web scanners (e.g. Qualys, Nessus, AppScan, Web inspect, Accunetix, Burp suite Pro, etc) is desirable.
Technical knowledge of Windows and UNIX operating systems, networking, security & network devices.
Gain deep security-level knowledge of cloud environments, continuous monitoring solutions to understand and explain security risks and mitigation techniques.
Strong knowledge of the OWASP Top 10, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Insecure Direct Object reference, Click jacking, buffer overflows, etc.
Strong knowledge of security vulnerability, risk, threat, exploitation, technical & business impact
Experience in automation of VAPT work to reduce manual efforts and simplify the process
Should have knowledge to implement a risk-based approach to Vulnerability Management. Good to know TVM products like Kenna Security, Risk Sense etc.
Should have knowledge on Risk Rating Standards like DREAD, CVSS etc.
Should have prepared audit reports and findings tracker sheets for applications.
Should be used to researching the latest security best practices, reading up on new threats and vulnerabilities and disseminate this information within the team as well as the organization.
Should have knowledge in preparing policy, procedure, standard and guidelines for VAPT
Coaching/ mentoring team members on technical/functional/ operational/ aspects and expertise relevant to security testing
Stakeholder management – Need to interact and communicate with IT, Application, Development, Business teams for VAPT work
Stay current on cloud security policies, standards, regulations, and best practices.
Educational qualification: Graduate in IT, Cyber Security or MCM/ MCA or equivalent
Skills required/Expertise:
3-5+ years of hands on experience in Cloud and Network Security -vulnerability assessment and penetration testing (VAPT)
Certified in Cloud Security Domain such as CEH, CISSP etc
3-5 years of proven experience in vulnerability assessment and penetration testing
Tools – Qualys, Tenable Nessus, IBM AppScan, Web inspect, Accunetix, Burp suite Professional, Metasploit Professional Knowledge
Proficient in written and oral English communication skills.
Strong organizational, teamwork, multi-tasking and time-management skills.
Manage a team during project execution as needed for the smooth execution of the project.
Expertise in security epics across Data Protection, Compliance Validation, Vulnerability Analysis, Network Security, Infrastructure Security, CICD Security, Identity and Access Management, Logging and Monitoring, Incident Response, Big Data and Analytics, and Resiliency.
Overview: Planview is a global leader in portfolio and work management solutions that help companies transform strategy to delivery in...
Apply For This JobJD-Team Leader Qualification – Graduate/ Polytechnic Diploma Experience – 4 to 5 years of Experience in technical support and leading...
Apply For This JobPRIMARY ROLE & RESPONSIBILITIES Coordination with Customer, Various OEMS/Vendors and other SIs who are part of the project. Coordination with...
Apply For This JobJob Title: IT Specialist / System Administrator Location: Bommasandra, Bengaluru. Experience: 0-1Year. Job Type: Full time. Salary: 2,00,000 to 2,50,000...
Apply For This JobConducting routine evaluation of network and data security. Supervise the IT team and coordinating on daily task assignments. Ensure the...
Apply For This JobNICE product system is a single, comprehensive solution capable of driving the performance, effectiveness, and efficiency of your entire enterprise...
Apply For This Job