Security Engineer

Security Engineer

Highradius Technologies Private Limited
Hyderabad / Secunderabad
2 - 4 Years
10000 - 450000 INR

Job Description


POSITION SUMMARY
This role is very important and critical in defining and maintain security framework in and around information systems within the organization. The position requires deep understanding of how things in security industry with extreme granular details of attack patterns, design of thwart systems, continuous monitoring etc. Making architectural changes to meet day to day changes in information eco-system in terms of evaluating functional changes from security impact aspect, using best tools in figuring out latest threats, providing solution to extreme challenged, is the central objective of this position. It is matter of interest that this position has ample scope for growth in managing Risk & compliance, not only in terms of experimenting new architectures for better security but also, making structural changes to information system workflow, the way apps process information, the way information is secured at every level of processing etc.
Summary of essential requirements
• 2+ years on Security testing using OWASP TOP 10, SANS 25, PCI standards as reference.
• Should have worked or trained exclusively on application and network penetration testing(VAPT).
• Certification to CEH is a must. However, trained CEH with ability to demonstrate the same, can also apply.
• Well versed with tools used in Security testing industry such as, Nmap, , w3af, WebSecurity, WireShark, Nessus, sqlmap and Metaplot etc. Expertise on 2 tools at every layer is highly preferred.
• Very good understanding of OWASP top 10 security issues
• Active involvement with community in discussions related to risk strategies, attack patterns, compliance is an essential trait.
• Work under defined SLAs for clients and deliver projects on time within budget
• Ability to communicate technical impact and business risk using a risk based approach following industry standard threat-risk ranking model
Keep oneself updated on the latest IT Security news, exploits, hacks.Ability to:
a. Quickly analyse all false positive issues
b. Work individually and take responsibility of entire security project
c. Interact with developers, communicate the issue and get the fix
Educational Qualifications & Skills
 Bachelor's or Master’s Degree (preferably from a top reputed university)
 Strong analytical skills to comprehend above technical skills on how to make and break foolproof security systems
 Passion for learning information security and acquiring new skills when required
Would be handling below activities as part of day to day work:
• Perform OWASP Top 10 vulnerability scans
• Perform PCI grade network and penetration testing before and after major system changes
• Plans and implement Risk ranking according to Information Systems policy.
• Implement robust change control and configuration management policies across all environments
• Manage overall Incident Response processes.
• Participate in review of design level changes for assessing overall risk and compliance impact
• Proactively manage patching of updates across eco system from risk and compliance.
• Manage periodic VAPT of key applications
• Understand and manage audit requirements of PCI DSS, SSAE 16 SOC1, SOC2 standards
• Work with Security team to provide awareness and training to employees on security aspects in Information eco systems
• Collaborate with Infrastructure team creating and implementing baselines for all in-scope systems and components
• Bring innovation in overall processes for better management and improving efficiencies.
• Periodic review of alerts, log files, VA PT reports and take appropriate actions
• Work closely with Developer community in implementing security frameworks
• Managing end-point security on firewalls and other systems.
• Proactively manage activities in Security calendar of organization.
• Engage with community in learning latest industry progress on risk and compliance side.
• On-call support for weekend deployment of security changes.

About HighRadius

HighRadius is the largest, fastest growing company in the order-to-cash cloud SaaS space. With over $60 million in investments from strategic partners including Citi and Bank of America, HighRadius is trusted by over 400 Fortune 1000 companies across the globe. Our Founder & CEO summed it up best in this YourStory interview, when he talked about our culture. We believe in Letting the Best Ideas Win, Calling BS on Your Boss and Bringing some Zing to everything we do. Sounds fun Click here to read more about our culture.

More information about High Radius can be accessed http://www.highradius.com

Similar Jobs

Career Advice to Find Better

Simple body text this will replace with orginal content