What you will do?
- Be the subject matter expert for Information Security matters. Implement and manage security best practices that bolster the security posture of the organization.
- Identify security gaps, explore and Identify open source or 3rd party solutions that address the security gaps, and prove the ROI for each solution with a strong business use case.
- Partner with GRC engineers in driving cyber security initiatives covering : Cloud Security, Application Security, Endpoint Security, Data Security, Email Security etc
- inline with frameworks like SOC 2, ISO 27001, GDPR, NIST, and other data privacy and cybersecurity frameworks.
- Partner with GRC engineers in risk assessments and developing relevant policies, procedures, and guidelines for security compliance and support in security audits for various standards and client questionnaires. Vulnerability Management :
- Develop internal capabilities to identify vulnerabilities, misconfigurations, and violations of best practices using Vulnerability Assessments, Penetration Testing, Threat Modelling, Security Review /Audits etc.
- Develop and maintain vulnerability management processes and procedures to streamline the identification, reporting, and resolution of security vulnerabilities.
- Manage VAPT partner(s) and collaborate with cross-functional teams to ensure that vulnerabilities are remediated in the defined SLA.
- Create dashboard/reports to communicate the performance of various security initiatives to the entire org such as External VAPT, Secret Scanning, SCA, SAST, DAST, and Internal VAPT.
- Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. SOC :
- Use data/logs collected from a variety of tools (e.g Audit logs, access control logs EDR, identity provider, MDM, SaaS platforms, AWS, GCP, Azure, WAF, Application Logs, etc) to analyze, identify and mitigate potential threats/anomalies.
- Build response workflows and actions that auto-resolve false positives, enabling engineers to focus on relevant threats.
- Develop and automate security workflows, playbooks, and tools to improve the efficiency and effectiveness of security operations. Policy as a Code:
- Drive the implementation of Policy as Code methodologies to automate and enforce security policies throughout the organization. Shift Left Security:
- Advocate and identify Shift Left Security practices to embed security into the early stages of the development lifecycle.
- Partner with Cloud Infra and IT team in implementing shift left security practices, such as :
- Embedding security practices in SDLC & Cloud infrastructure.
- Embedding the GRC team approvals/reviews in day-to-day processes to enable better governance. Security Incident Management :
- Support security incident response in a cross-functional environment and drive incident resolution for internal and external threats.
- Carry out digital forensics as part of security incident investigation.
- Ensure that engineering teams understand the impact of an incident and derive corrective and preventive actions for themselves. Security Training:
- Drive the security mindset across the organization in partnership with the GRC team.
- Create awareness/training content that forces engineering teams to embed a security shift left approach.
What makes you a match
- 5+ years of relevant industry experience in a security engineering or cloud infrastructure security team.
- Strong coding proficiency in Python /Go/ Shell etc.
- Strong technical knowledge of security principles and technologies such as, firewalls, IDS/IPS, DLP, Encryption, SIEM, UEBA, EDR, SOAR, Threat Intelligence, Web Proxy/Content Filtering, Active Directory, and PKI.
- Experience with industry standards and frameworks such as CVE, CVSS, NIST, SANS 25 and OWASP.
- Experience deploying solutions for monitoring of security best practices in cloud resources, CI/CD pipelines and Kubernetes platforms.
- Familiarity with infrastructure as code tools (Terraform, CloudFormation, etc)
- Familiarity with more than one cloud vendor (AWS, GCP, Azure).
- Ability to work alongside a remote team, using a data-driven mindset to propose and own engineering decisions.
- Bachelor’s degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CEH, Security+).
- Proven experience working in a Security Operations Center (SOC) environment with a focus on vulnerability management.
- Excellent analytical and problem-solving skills, with the ability to prioritise and manage multiple tasks in a fast-paced environment.
- Strong attention to detail and a commitment to delivering high-quality results.
- Ability to work both independently and collaboratively as part of a team.
