Security Engineer

Help to design, implement & maintain organization’s information security / cyber security planConstantly research the latest information security technology trendsDevelop & direct implementation of security standards & best practices to protect information assets of the organizationHelp in evaluation, selection, negotiation, procurement & maintenance of security tools for the organization at all levelsTimely testing & deployment of security patchesMonitor organization’s computer systems, networks, databases, internet etc for security breaches, cyberattacks, internal violationsDesign, plan & implement security operations centre (SOC) for the organizationEnsure regular IT Information Security audits are conducted and necessary reports are presented to senior managementEnsure AppSec, VA/PT and other necessary testing carried out for all the software of the organizationPrepare and implement SOPs for information security operations of the organizationBuild a strong Information Security culture for the organizationResponsible for defining access privileges, control structures, and resources to protect systemsOperate software to protect systems and information infrastructure, including firewalls and data encryption programs; and install security measures Undertake research, simulate and run penetration tests using publicly available and proprietary toolsProvide leadership for security projects along with other Risk and Project/Dev-Ops groups Responsible for developing and maintaining lab environments to evaluate new security threats Continuously undertake research on new attack vectors and techniques Participate in product security reviews with PMO and product management teamsIdentify abnormalities, recognize problems, and report violations Assess current situation, evaluating trends and anticipating requirements to implement security improvements and processes Provide support for executive reporting through analysis of information security trends, metrics, and statisticsProvide support for user access administration processes and user entitlement reviewsConduct periodic audits to determine security violations and inefficiencies Implement and maintain security controls to upgrade systems Prepare Information Security performance reports and communicate system status to keep users informed Implement and oversee Information security training awareness program within the organizationMaintain industry compliance certifications for the organizationReview Third Party information and Vendor software/hardware security controls/risks and document gaps and issues for action Support customer security reviews for new and existing customers Conduct security research in keeping abreast of latest security issues and Maintain technical knowledge by attending educational workshops; reviewing publications