Security Operation Specialist - Gurgaon
- Sirion
- 5 - 9 years
- Noida, Gurugram
- 5 years ago
- Email to a friend
- Report this job
Job Description
Role:
- Responsible for effective security control implementation on all IT systems (endpoints, network, servers, databases, applications, data centre, etc.)
- Define, implement and maintain cloud security controls for a multi-cloud environment (AWS, Azure, etc.)
- Assist in implementing, maintaining and monitoring ISMS policies and procedures, including but not limited to security logging and monitoring, security incident management (tracking, investigation, remediation and response), data leakage prevention, IT system security hardening baseline, access control, change management, backup management, patch management, vulnerability management, IT infrastructure & Network penetration testing, asset management, business continuity & disaster recovery etc.
- Assist in evaluation of network hardware and software requirements and capabilities and makes recommendations. Research/evaluate, implement and support new security technologies and platforms
- Perform cost-benefit and return on investment analyses for proposed systems to aid management in making implementation decisions
- Perform POC for identified security products to implement effective security controls
- Negotiate with vendors, outsourcers, and contractors to obtain network products and services
- Manage and ensure effectiveness of security solutions, including firewalls, anti-virus solutions, intrusion detection systems and Data Leakage Prevention systems
- Perform vulnerability assessment for IT infrastructure to identify risk and assist in defining the mitigation strategy
- Work with the application and IT team to ensure the security for application and IT infrastructure
- Assist in monitoring and investigating the information security breaches and manage the incident management process
- Assist in incidents or problem management that cause service impact and acts as escalation point for incidents not being resolved in a timely manner
- Responsible for overall system and infrastructure availability and develop a resilient infrastructure to reduce failures
- Coordinate and support respective stakeholders including the business teams, IT, etc. during the BCP/DR activities
- Support Information Security audits / assessments / remediation of third-party vendors / suppliers
- Support in conducting Information Security awareness and training programs for the employees as part of their induction and regular awareness
- Prepare metrics based periodic reports and dashboards with support from the stakeholder functions for management review
- Maintain good knowledge of current technology trends, evaluate new technologies and undertake training to strengthen IT skills as required
- Prepares and maintains documentation of network configurations and cabling layouts
- Assist in performing Information Security and Privacy Risk Assessment of IT systems, applications, new technologies, third parties etc. and implement mitigation controls
- Assist in RFP response and other documentation for IT projects and associated efforts
Work Experience:
- 5-9 years' of relevant experience in IT security implementation and operations
- Must have a working knowledge of cloud environment especially AWS, open source tools for logging, monitoring, SIEM, IDS/IPS, MDM etc.
- Knowledge of technology solutions including MFA, antivirus threat protection, DLP, etc.
- Awareness of ISO 27001, Service Organization Controls (SOC), ISO 27701, ISO 22301 and ISO 31000 based Risk Assessment and Management methodology
- Experience in Cloud (AWS) Security, Linux, Microsoft and Security technologies
- Excellent knowledge of current protocols and standards, including Active Directory, Group Policies, MS Exchange, Core Switching/Routing, SSL/IPSec, SAN, Virtualization, Business Continuity, Disaster Recovery
- Experience working with network monitoring systems, SIEM or equivalent experience
- Client and Vendor security management practices
- Exposure to cyber security frameworks like OWASP, SANS, NIST etc.
- Experience in Vulnerability identification, management and prioritization
- Experience in using tools such as Nessus, Acunetix , Appscan etc.
- Experience in using Burp suite, Scripts and Kali Linux, Metaexploit and other such static analysis tools
- Formal IT Security related qualification like AWS Security, CCNP, JNCIS, CompTIA Security+ etc.
Educational qualifications and certifications:
- B.E / B.Tech (IT/ CS) / BSc (CS/IT) / MCA / MSc (CS/ (CS/IT) / BCA or postgraduation in (CS/IT)
Organizational skills:
- Self-driven and initiator
- Ability to multi-task effectively and work under pressure
- Ability to perform general mathematical calculations for the purpose of creating needs assessments, budgets, and forecasting.
- Ability to conduct research on latest security solutions and products as required.
Job Classification
Industry: IT-Software, Software ServicesFunctional Area: IT Software - Application Programming, Maintenance, Role Category: Admin/Maintenance/Security/DatawarehousingRole: Admin/Maintenance/Security/DatawarehousingEmployement Type: Full timeEducation
Under Graduation: B.Tech/B.E. in Any Specialization, B.Sc in Any Specialization, BCA in ComputersPost Graduation: Post Graduation Not Required, Any Postgraduate in Any SpecializationDoctorate: Doctorate Not RequiredContact Details:
Company: SirionLabs Private LimitedLocation(s): Noida, GurugramWebsite: https://www.sirionlabs.com/+ View Contact
Keyskills: network penetration testing cloud security vulnerability assessment AWS
Fraud Alert to job seekers!
₹ Not Disclosed
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in