Information Security Engineer

Job Brief:

The Information Security Engineer will assist in implementing and maintaining security measures to protect the organization’s systems, networks, and data. This role will involve supporting security initiatives, monitoring security events, and assisting with incident response activities. The position requires a basic understanding of information security principles and technologies.

Responsibilities:

  • Assist in implementing and maintaining information security policies, procedures, and controls.
  • Participate in security assessments, audits, and compliance reviews to ensure adherence to security standards and regulations.
  • Assist in identifying and addressing security vulnerabilities and weaknesses in systems and networks.
  • Monitor security events and alerts, investigate potential security incidents, and assist with incident response activities.
  • Collaborate with IT teams to integrate security best practices into system design and implementation.
  • Assist in managing security tools and technologies, such as firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
  • Stay informed about emerging threats, vulnerabilities, and security technologies to enhance the organization’s security posture.
  • Provide support and guidance to end-users on security-related issues and best practices.
  • Implementing software security controls as part of the secure SDLC pipeline
  • Collaborate closely on security aspects across various technologies and methodologies, including operating systems, databases, access controls, patch management, encryption, antivirus, and vulnerability assessment.

Requirements:

  • Monitoring, validation   and   analysis   of investigations of events and alerts on AWS Cloud Infrastructure, SaaS applications and infrastructure.
  • Conduct   web   applications   and   services   security   scanning   e.g   DAST, pen testing etc.
  • Should be well versed in vulnerabilities identification, remediation tips and release plan management
  • Should be well versed with OWASP TOP 10 vulnerabilities
  • Automate penetration and other security testing on networks, systems and applications
  • Follow procedures to contain, analyze, and eradicate malicious activity.
  • Experience in working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements
  • Good to have CEH (Certified Ethical Hacking) as a Professional Application Security Expert/Penetration Testing.

Qualification:

  • BS/MS in Computer Sciences or relevant degree
  • 1-2 Years of relevant experience required in similar roles

Apply for this position

Allowed Type(s): .pdf, .doc, .docx