What you will do:
– work on a diverse domain of information security across the organization, most importantly infrastructure and data security
– be responsible for identifying security issues (external as well as internal), help stakeholders to mitigate and at frequent occasions build a solution around some of the complex problem statements related to core financial technology
– implement /maintain security for cloud-based systems/applications in AWS
– translate product requirements into threat models and identifying privacy issues and data leaks
– automate infrastructure security and develop/implement security automation to solve manual effort on a day-day basis
– build in-house security analytics solutions using open source tools (log parsing, event correlation and threat detection)
– research/conduct threat hunting operations using known adversary tactics, techniques and procedures to detect advanced threats
– build in-house red-team and blue-team security frameworks to establish a state of art security culture inside tech
– be responsible to track security incident responses across the organization
– assist with creating security awareness and maintaining prudent security engineering culture within an organization
– enable compliance in teams and help them achieve some of the industry’s best practices
You should apply If you have:
– more than 3 years of experience in information security
– proficiency in one of the programming languages (python,golang, java)
– the ability to be a go-to person and communicate effectively with stakeholders(engineers, product, business teams)
– good understanding of cloud security and a background of working with AWS security
– experience with deploying custom-built and scalable security solutions. good to have experience with enterprise security tools – SIEM, IDS/IPS, FIM, PAM
– experience with handling incident response life-cycle (detection, identification, containment, analysis, remediation and reporting)
– a certification in information security(e.g. OSCP) as a good to have
– the ability to influence organizations by practicing a data-driven approach
– the ability to be proactive in keeping yourself updated with security news/issues/breaches/tools/blogs on the internet
– the zeal to explore diverse domains of information security and have a fast learning curve
in India