This job ad has been posted over 30 days ago...

79

applicants

Highradius looking for - Information Security Engineer Full-time

at HighRadius Technologies in Hyderabad (Published at 16-10-2018)

JOB DESCRIPTION
Position Title: Security Engineer
Department: Information Security
Reports to: Director– Security & Compliance
Location: Hyderabad

POSITION SUMMARY

This role is very important and critical in defining and maintain security framework in and around
information systems within the organization. The position requires deep understanding of how things in security industry with extreme granular details of attack patterns, design of thwart systems, continuous monitoring etc. Making architectural changes to meet day to day changes in information eco-system in terms of evaluating functional changes from security impact aspect, using best tools in figuring out latest threats, providing solution to extreme challenged, is the central objective of this position. It is matter of interest that this position has ample scope for growth in managing Risk & compliance, not only in terms of experimenting new architectures for better security but also, making structural changes to information system workflow, the way apps process information, the way information is secured at every level of processing etc.

Summary of essential requirements

 0-3 years on Security testing using OWASP TOP 10, SANS 25, PCI standards as reference.
 Should have worked or trained exclusively on application and network penetration
testing(VAPT).
 Certification to CEH is a must. However, trained CEH with ability to demonstrate the same, can
also apply.
 Well versed with tools used in Security testing industry such as, Nmap, w3af, WebSecurity,
WireShark, Nessus, sqlmap and Metaplot etc. Expertise on 2 tools at every layer is highly
preferred.
  Very good understanding of OWASP top 10 security issues
 Active involvement with community in discussions related to risk strategies, attack patterns,
compliance is an essential trait.
 Work under defined SLAs for clients and deliver projects on time within budget
 Ability to communicate technical impact and business risk using a risk based approach
following industry standard threat-risk ranking model

Keep oneself updated on the latest IT Security news, exploits, hacks.Ability to:
a. Quickly analyse all false positive issues
b. Work individually and take responsibility of entire security project
c. Interact with developers, communicate the issue and get the fix

Educational Qualifications & Skills

 Bachelor's or Master’s Degree (preferably from a top reputed university) 
 Strong analytical skills to comprehend above technical skills on how to make and break
foolproof security systems
 Passion for learning information security and acquiring new skills when required
Would be handling below activities as part of day to day work:
• Perform OWASP Top 10 vulnerability scans
• Perform PCI grade network and penetration testing before and after major system changes
• Plans and implement Risk ranking according to Information Systems policy.
• Implement robust change control and configuration management policies across all environments
• Manage overall Incident Response processes.
• Participate in review of design level changes for assessing overall risk and compliance impact
• Proactively manage patching of updates across eco system from risk and compliance.
• Manage periodic VAPT of key applications
• Understand and manage audit requirements of PCI DSS, SSAE 16 SOC1, SOC2 standards
• Work with Security team to provide awareness and training to employees on security aspects in
Information eco systems
• Collaborate with Infrastructure team creating and implementing baselines for all in-scope systems and components
• Bring innovation in overall processes for better management and improving efficiencies.
• Periodic review of alerts, log files, VA PT reports and take appropriate actions
• Work closely with Developer community in implementing security frameworks
• Managing end-point security on firewalls and other systems.
• Proactively manage activities in Security calendar of organization.
• Engage with community in learning latest industry progress on risk and compliance side.
• On-call support for weekend deployment of security changes.

About HighRadius

With over 750 employees across Houston, London, Germany and Hyderabad, HighRadius is the preferred choice of leading Fortune 1000 companies, including Adidas, Danone, Starbucks, 3M and Sony. With over $50 million in growth funding from Susquehanna and Citi Ventures, HighRadius is a boot-strapped success-story led by Founder CEO, Sashi Narahari. Watch Sashi share his principles to create a Unicorn with Shraddha Sharma & YourStory.

https://yourstory.com/video/sashi-narahari-ceo-high-radius

We are in the final sprint to the top as an Enterprise SaaS-based Order-to-cash software with an ambition to go public in the near future. It's an exciting time to join us for the ride. HighRadius is also the preferred Order-to-Cash technology provider for some of the world's largest banks including Bank of America and Citi.
More information about HighRadius can be accessed at https://www.highradius.com/


Recent jobs at HighRadius Technologies


Viewed: 640 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend