Senior information security engineer
TweetSenior information security engineer
Job Name: Senior information security engineer
Job Role: Sr. IT Security Engineer
Industry: IT, Software, Bpo
Job Location: Udaipur (Rajasthan)
Experience: 5- 10 year
Skills: Team Handling, information security controls, VPN, Cloud Server
Salary: Best in the Industry
Education: BCA, MCA, B.tech(CS/IT)
Job Summary:
Looking for Sr. information security engineer. Should have strong work exposure in the IT Security department. having work exposure in the IT security environment to identify cybersecurity gaps in systems, processes, and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage, and deploy devices including firewalls, IPS, and IDS to improve our ability to prevent and detect intrusions in real-time.
Job Description:
Should have strong work exposure in the IT Security department. having work exposure in the IT security environment to identify cybersecurity gaps in systems, processes, and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage, and deploy devices including firewalls, IPS, and IDS to improve our ability to prevent and detect intrusions in real-time.To develop and maintain the information security policy and accompanying standards, procedures, and guidance. Research and stay informed of potential information security threats, breaches, industry trends, emerging technologies, and response alternatives. Conduct research and provide insight to identify, assess, and deploy security technology solutions and partners including but not limited to encryption, firewalls, authorization, authentication, intrusion detection, and gateway security controls. To develop and deliver a programme of planned compliance reviews and ensure any gaps are addressed. Engage in regular assessment of the current IT security environment to identify cybersecurity gaps in systems, processes and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage and deploy devices including firewalls, IPS and IDS to improve our ability to prevent and detect intrusions in real-time. Monitor and proactively recommend solutions for correcting issues related to security technology performance and capabilities of vendors. Collaborate on critical technology projects to ensure that security issues are addressed throughout the project life cycle. Develop and implement recommendations for security technology solutions, which may include technology for encryption, firewalls, authorization, authentication, intrusion, detection, and gateway security controls. Work in an advisory role in application development or acquisition projects to assess security requirements and implement controls as planned. Perform day- to- day security log review and analysis in adherence to company requirements and industry security best practices. Do static scanning (code, open-source libraries) and dynamic scanning. The log reviews include: operating systems, databases, applications, networks and security applications. Work with auditors to demonstrate processes and ensure appropriate levels of access are applied throughout the information lifecycle. Lead the design, development, and delivery of security training programs. 24x7 on-call availability as required. Knowledge of trends and developments in technology relating to security and risk management. Strong understanding of information security controls, risks and threats. Strong knowledge of enterprise security technologies, e.g., Virtual Private Network (VPN), Encryption, Firewalls, Intrusion Detection/ Prevention, and Anti- Virus. Working knowledge of Linux, Windows, Cloud Server, and other enterprise- wide applications. Knowledge of information security standards (ISO, SOC), data privacy laws, computer crime laws, and federal data protection laws, etc. Knowledge of vulnerability analysis tools, OWASP Zap, Veracode, Qualys, Sonarqube, Acunetix, Burp Suite, etc. Knowledge of information security audit and assessment methodologies, policies, standards, procedures and best practices. Ability to conduct risk management assessments; provide assistance in identification, prioritization and remediation of information systems vulnerabilities. Strong technical depth and passion for security. Experience working with 3rd party vendors and service providers.