Senior Security Engineer

Senior Security Engineer

Disys India Private Limited
7 - 10 Years
Not Specified

Job Description

Job Description :
TheSenior Security Engineer serves as a technical lead for the IT Security Team and is responsible for the operation, maintenance, monitoring and implementation of IT security technologies, processes and procedures. This job role will be well versed in understanding the information technology landscape including security, infrastructure, network, client, server, emerging technology standards and trends. The Senior Security Engineer will manage and monitor outsourced security functions; will apply expertise in information security and protection systems to eliminate or reduce unauthorized access, disclosure or destruction of data in the care of company; assists with investigation of technology security breaches; identifies security issues; performs and participates in risk assessments; assists in the identification, development and implementation of security solutions; recommends secure solutions utilizing standard best practice security principles; assists in designing, implementing and measure required compliance controls; contributes to the overall security posture of the organization.

  • Lead the design, review, and implementation of strategic and tactical security initiatives.
  • Identify significant actual and potential cyber security problems, trends, and weaknesses and recommends specific modifications and solutions to reduce information systems security risks.
  • Provide architectural design and coordinate the implementation of security solutions to integrate into existing network environment. Establish requirements and make recommendations on the appropriate infrastructure protection tools, methods, and technologies.
  • Develop strategies for responding to future security challenges. Demonstrate effectiveness of the program for implementation on an organization-wide basis.
  • Review, create and update security policies, procedures and standards, and present them to management for endorsement. Establish technical or procedural enforcements for pertinent policies within the organization. Facilitate organizational-wide communications and institute measures to ensure information security awareness and compliance.
  • Review new and existing systems, networks, and software designs for potential security risks, and resolve integration security issues across disciplines. Define the scope and level of detail for applicable security plans and policies.
  • Implement and interpret the requirements of ISO/IEC, PCI, SOX, and HIPAA policies, mandates and standards. Develop the project plan for the implementation, identify major milestones and activities, and coordinate development and implementation. Develop plan and methodology for testing and measuring IT compliancy.
  • Act as a key member of the Incident Response Team, who may be called upon to represent in the investigation of serious cyber security violations that potentially impact the integrity of company's infrastructure. Recommend action for containment and remediation based on findings, and following up to ensure the implementation of corrective actions.
  • Proactively monitor security infrastructure and tools to insure reliability and integrity of systems and applications. Develop and implement operational response procedures to maximize visibility, maintain stability and prioritize criticality of identified issues.
  • Investigate and respond rapidly to identified security incidents. Acquire, analyze, and interpret forensic images, packet captures and logs to accomplish rapid and accurate incident response. Recommend and implement tools, standards and procedures to facilitate future investigations.
  • Educate IT team members in security best practices. Collaborate with IT Teams to incorporate security best practices into daily workflows and procedures.
  • Assist with development and implementation of Security Awareness Training for entire organization.

  • Other job duties as assigned.

Education/ Experience:

  • Bachelor ’s degree with a concentration in Computer Science or Business Administration or equivalent work experience required.
  • Five (5)+ years’ experience (7+ years in lieu of degree) in firewalls, routers, proxies, load balancers, and UNIX-based systems.
  • Excellent oral and written communication skills and interpersonal skills.
  • Proficient in network protocols such as TCP/IP, HTTP/HTTPS, SSH, SSL, BGP, DNS, SNMP, VRRP.
  • Proficient in firewalls, routers, proxies, load balancers, and UNIX-based systems.
  • Experienced in AWS Security, Architecture and Infrastructure administration.
  • Proficient at securing systems (e.g. common operating systems, network equipment).
  • Proficient in security concepts such as identity management, least privilege, defense in depth and separation of duties
  • Proficient in security technologies such as IPS, VPNs, D/DoS and vulnerability management.
  • Working knowledge of common web architectures and related security risks.
  • Working knowledge of large scale networks including architecture and security risks.
  • Working knowledge of Windows based operating systems.
  • Working knowledge of scripting languages (Python or Perlpreferred).
  • Familiarity with incident response and forensic investigation.
  • Experience writing technical specifications and operational documentation.
  • A strong desire to learn while being able to complete tasks in a high-pressure environment.

Disys India Private Limited

People Also Considered

Career Advice to Find Better

Simple body text this will replace with orginal content