Senior Information Security Engineer

Join SADA, as a Senior Information Security Engineer!

Responsibilities:

• Participate in the evaluation of enterprise security technology platforms and assist in product or service selection
• Through design review or security testing, identify vulnerabilities and gaps and provide recommendations or directions for remediation
• Responsible for triaging information security alerts, collaborating with internal employees, and taking appropriate actions within the defined SLA.
• Consult, advise, or oversee the secure design and configuration requirements of key IT system and infrastructure projects to ensure compliance
• Manage day-to-day operations of security solutions like ZScaler, Google Security Command Center (SCC), and Google SecOps together with other team members and collaboration with cross-functional teams
• Develop and enforce SOC policies, procedures, and playbooks for incident detection and response. Manage and optimize security tools and technologies deployed within the SOC for maximum effectiveness such as SIEM solutions. Contribute in the monitoring of security alerts and incidents, ensuring timely detection and response to potential threats.
• Weekly/Monthly reporting of Information Security Matrix to respective leadership

Expectations

• Collaboration - This role requires constant collaboration with the internal stakeholders this including colleagues from IT and outside IT for various Information Security initiatives as well as for day-to-day operations
• Required Travel - None. This is a remote position. You should have great remote work discipline.
• Training - The first several weeks of onboarding are dedicated to learning and will encompass learning materials/assignments and compliance training, as well as meetings with relevant individuals.

Location: Remote, Anywhere in the India

Job Requirements

Required Credentials:

• BA or BS degree or equivalent combination of relevant education and experience
• Google’s Professional Cloud Security Engineer certification or able to complete within the first 90 days of employment.

Required Qualifications:

• 5+ years of technology, progressive technology solutions, security architecture, and incident response
• Configure and manage zero trust security policies for web filtering, firewall, sandboxing, data loss prevention (DLP), and other security features. Monitor network traffic and security events to identify and mitigate potential threats. Experience with ZScaler is a plus.
• Have strong knowledge and experience with vulnerability scanning tools like Qualys, Nessus, Rapid7, Tenable etc.
• Experience in hardening security controls of public cloud platforms (Eg. GCP, AWS, Azure, etc). Familiarity with CSPM tools and its management.
• Hands-on experience analyzing and responding to security events generated from SIEM. Experience on conducting log analysis, developing queries and analytics, troubleshooting security issues, and correlating diverse data sets
• Experience managing EDR solutions such as CrowdStrike including responding to alerts and collaborating with users for effective remediation.
• Strong leadership, analytical, and problem-solving skills in Cyber security, including assisting with maturing information security strategy, goals, security metrics etc.
• Excellent written and verbal communication and presentation skills
• Ability to effectively adapt to rapidly changing technology and apply it to business needs
• Ability to manage multiple priorities and work across multiple organizations, Regions, Sectors, and teams

Useful Qualifications:

• Common security certifications such as Security+, GSEC, CEH, ECSA, CISSP, CCSP, CISM, CISA, SSCP, CCSK etc.
• Experience managing SIEM solutions such as Splunk, Sentinel, Chronicle etc.
• Experience managing EDR solutions like CrowdStrike
• A good understanding of compliance and privacy frameworks (SOC2, ISO27001, etc)
• Programming or scripting experience to build security automation where needed.
• Knowledge and comprehension of security industry trends and new technologies and the ability to apply learnings in an evolving cloud security threat landscape