This job ad has been posted over 30 days ago...

4

applicants

Sr Security Engineer - 5+ years experienced with OSCP Full-time

at skarpsinne infotech pvt ltd in Banglore (Published at 19-07-2017)

JOB DESCRIPTION
________________________________________
Position Title:Sr Security Engineer
Department: IT Security Engineering
Location: Qatar
Joining : Immediate
________________________________________

POSITION SUMMARY

This role is very important and critical in defining and maintain security framework in and around information systems within the organization. The position requires deep understanding of how things in security industry with extreme granular details of attack patterns, design of thwart systems, continuous monitoring in web/IT domains etc. Making architectural changes to meet day to day changes in information eco-system in terms of evaluating functional changes from security impact aspect, using best tools in figuring out latest threats, providing solution to extreme challenged, is the central objective of this position. It is matter of interest that this position has ample scope for growth in managing Risk & compliance, not only in terms of experimenting new architectures for better security but also, making structural changes to information system workflow, the way apps process information, the way information is secured at every level of processing etc.

Summary of essential requirements
• Atleast 4- 6 years of relevant/specific extensive experience VAPT of Webapps and Enterprise networks.
• Atleast 2 years on Security testing using OWASP TOP 10, OSTMM, SANS 25, PCI standards as reference in Web Applications Security Assessments.
• Certification to OSCP is a must.
• Strong functional knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)Strong analytical skills and efficient problem solving.
• Should have expertise participating in any one of the security frameworks/audit-systems:-
o PCI DSS 3.x
o ISO27001
• Active involvement with community in discussions related to risk strategies, attack patterns, compliance is an essential trait.

Educational Qualifications & Skills

Bachelor's or Master’s Degree

Strong analytical skills to comprehend above technical skills on how to make and break foolproof security systems

Would be handling below activities as part of day to day work:

• Conduct security reviews of products, applications and infrastructures. Exploit security flaws and vulnerabilities with attack simulations on multiple projects .
• Plan, Design and execute Internal and External penetration testing, perform security reviews of application covering all types of platforms (Native Windows, Mac & Linux application, web application, web services, mobile applications, SaaS etc.)
• Develop and implement information security policies and procedures.
• Evaluate new products, methods, & technologies to protect against existing & emerging security threats.
• Conduct External and Internal vulnerability assessment and penetration testing, R&D on testing tools, techniques, and process improvements.
• Work closely with cross-functional organizations, project teams and clients to develop project schedules, execute test plans and cases and deliver high quality products.
• Recommend solutions for the vulnerabilities / security issues discovered at the time of penetration testing. Should prioritize and manage multiple tasks.
• Manage overall Incident Response processes for internal & external Incidents.
• Proactively manage activities in Security calendar of organization
• On-call support for weekend deployment of security changes.
• Bring innovation in overall processes for better management and improving efficiencies.
• Understand and meet audit requirements of PCI DSS, ISO 27001, SSAE 16 SOC1, SOC2 standards
• Work with Security team to provide awareness and training to employees on security aspects in Information eco systems
• Execute & Manage end-point security on firewalls and other systems, proof-of-concepts etc.
• Engage with Industry and community in learning latest industry progress on risk and compliance side.
• Periodic review of alerts, log files, VA PT reports and take appropriate actions

Note: Applications have been closed.


Recent jobs at skarpsinne infotech pvt ltd


Viewed: 781 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend