Job Description :
We need you to be a hands-on Security Engineer with technology in researching, crafting, and implementing capabilities and defenses to secure and protect critical assets & data.
Job Function:
As a Cyber Security Analyst
Develop, recommend, evaluate, integrate, deploy, and maintain security tools including static and dynamic analyzers, security frameworks.
Develop and maintain security utilities and metrics dashboards that help team to track/report on compliance.
Evaluate software security products and technologies, as required.
Configure and set up alerts on all the SOC security tools.
Ability to deep dive into data and analyze for security and fraud anomalies.
Strong knowledge of threat modeling at Application level is required.
You would be expected to conduct web security assessments and handle vulnerability remediation of applications and web services.
Ability to determine risk based on context.
About 1-2 years of related hands-on security product development experience (Java, Python, JS) with web applications.
Ability to clearly articulate issues and communicate in an effective and personable manner.
Ability to adjust quickly to the security needs of a highly agile organization.
Lead threat modeling, mitigation discovery, and manual/automated verification of mitigations.
Develop recommendations/plans to mitigate issues found during monitoring.
Participate in incident response and forensics.
Build tools and infrastructure for automating incident response.
Triage internal security events, responding or escalating as needed.
Monitor external information sources for new security developments & advisories.
Maintain vulnerability management infrastructure and track remediation measures.
Participate in setting all required alerts to validate compliance with PCI & SOC
Participate in external audits of security (Penetration testing, etc.
The global nature of the business and the 24/7 nature of security threats will require flexible schedule.
Skills and Experience
1- 2 years of information security experience, preferably in ecommerce services or another highly regulated industry such as finance, with B.S. in Computer Science
1-2 years of experience in a 24 x 7 Security Operations Center in a largescale Internet web site, monitoring and managing production UNIX (Solaris) / Linux / Windows systems.
Experience responding to security questions and incidents from end users.
Experience in security best practices for Windows desktops and servers, Linux servers, and network devices.
Experience in Python, or other scripting language and the ability to automate repetitive tasks. This is Required.
Understanding of TCP/IP protocol suite and the ability to capture and analyze network traffic streams.
Experience with a variety of open source and commercial security monitoring and testing tools such as nmap, RrevealX- Extrahop, SIEM (Splunk ES), IDS/IPS, anti-malware, and Web filtering, is a MUST.
Experience with Distil, Akamai, Imperva DAM, Red Seal, ThousandEyes, Recorded Future, and ServiceNow, is a MUST.
Experience with Qualys. Need to own the scan process end to end.
Experience with Puppet. Need to own part of the patching process during the night shift.
Analyze a variety of network and host-based security logs (Splunk ES, Distil, Akamai WAF etc to determine the correct remediation actions and escalation paths for each incident.
Manage the Security monitoring tools, set up dashboards and alerts.
Strong Knowledge and experience with VMware & Cloud (Prefer GCP)
Monitor and analyze data flow to identify and block malicious behavior and activities
Work as part of a team to ensure the stability, availability, and performance of environment which include networks, monitoring, JIRA tickets, security, change management, account management and responding to issues.
Work with T&S team to identify frauds and set up scripts and alerts.