Job Description
What you’ll do:
- Security review of the architecture for the new projects and existing infrastructure setup.
- Ensure efficacy of security controls deployed. Work with the technical operations team to understand security controls/tech deployed and come up with recommendations to address gaps and also take full advantage of the deployed technologies.
- Conduct threat modelling based on well-known standards/frameworks such as STRIDE, PASTA etc.
- Identifying and defining the requirements of the overall security of the information processing systems.
- Identify security gaps, exposures and develop mitigation plans
- Build and execute on organizations roadmaps
- Automation & Scripting as required
- Defining and maintaining security procedures, standards, guidelines and procedures as required.
In depth knowledge of Infosec Domains, strong security mindset, Implementation experience in Security technologies (at least 2 years) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM, cloud security, application security, endpoint security, data protection, and incident response., Security Architecture reviews etc.
Role :
What you’ll need:
- Bachelor’s degree in information technology or another related field.
- The very strong security mindset
- At least 6-8 years of working experience in domains related to information security
- Minimum of 2-3 years of implementation experience in Security technologies (at least 2-3) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM etc.
- Minimum of 2-3 years of implementation experience in Security technologies (at least 2-3) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM, proxy etc.
- Very good understanding of Operating systems (Windows, Linux), VDI etc.
- Knowledge and understanding of cloud security.
- Good understanding of security frameworks, standards such as ISO 27001, NIST, CIS etc.
- Experience in security architecture reviews and driving cross-functional programs.
- Strong skills in security principles such as least privilege access, defence in depth, preventative vs detective controls, network security, cloud security, application security, endpoint security, data protection, and incident response.
- Solid understanding of operational and organizational structures
- Possess of information security certifications (at least two) such as CISSP/CISM/CISA/CRISC/CCSP/ISO 27001/ TOGAF etc.
- Excellent problem solving, interpersonal, communication and presentation skills.
- Able to work independently and efficiently, as well as with others, to meet deadlines in a fast-paced environment.