Security Engineer (Lead) with skills Cloud Security, AWS - EKS, AWS - CloudFormation, Azure Firewall, Cisco Firewall, AWS-Apps, GCP-Apps, AWS-Infra, Firewall, Web Application Firewall, AWS DBA, Palo Alto Firewall for location Pune, India
ROLES & RESPONSIBILITIES

 The Systems Security Analyst plays an integral role by implementing, maintaining and enforcing multiple data/cyber security standards, processes, and initiatives while protecting the confidentiality and integrity of Empyrean’s information assets on multiple platforms.

 

·       Assist with documenting a secure configuration standard for managed file transfer and email.

·       Configure, manage and monitor FTP systems pertaining to security standard.

·       Configure, manage and monitor outbound secure email gateway policies

·       Analyze file transfers for encryption, file integrity and unauthorized disclosure, to ensure security/encryption policies are adhered to.

·       Conduct vulnerability scans on test, dev. and production systems to ensure all systems are in compliance with latest patches and Empyrean’s security policy

·       Review vulnerability scan reports and manage a remediation process to mitigate risks. 

·       Conduct risk assessments on Active Directory, Windows and LINUX servers and network equipment. 

·       Perform audits of access control list of systems and applications.

·       Set up requested FTP/SFTP sites.

·       Manage all PGP encryption configurations and generation of public/private keys

·       Assist clients with Key Pair generations and successful encrypted file transfers

·       Manage master encryption key ring and Key Vault

·       Conduct periodic audit to ensure encryption policy is being adhered to

·       Monitor and manage Empyrean’s Domain, SSL/SSO certificates

·       Obtaining, creating certificates and deploying certificates to appropriate servers

·       Assist with a developing and enforcing a DLP policy on endpoints at Empyrean.

·       Working in conjunction with Empyrean compliance department, conduct security incident investigations and complete security incident reports

·       Manage Empyreans penetration tests

·       Participate in Internal Security Assessment and Internal/External Audits

·       Assist in RFP process with filling out security questionnaires as required

·       Compete security vendor assessments

·       Create/Review and update policies on annual basis and as required

·       Active member of and participate in weekly security team meetings

·       Review and edit policy documents and create new policy where there are gaps

 

 

Qualifications

 

·       Bachelor’s  Degree considered, also 5  to 8 years equivalent experience in IT Security in lieu of degree

·       Has set up and worked within a Security Program

·       Understanding and working knowledge of SIG

·       Has hands on experience with Security evaluations, questionnaires both in generating and responding.

·       Actively managed a vendor management program

·       Have developed policies where needed and conducted annual reviews of current policies, with ability to recommend changes where needed

·       Knowledge of requirements mandated by regulatory laws such as, HIPAA and the Privacy Act.

·       Knowledge of and worked within NIST (CFS) framework and documenting security technology standards.

·       Be familiar with the ISO 27001, HIPPA security framework.

·       Be familiar with and participated in SSAE-18, SOC l & ll audits

·       Has experience working with Secure email, FTP,SFTP,AS2 systems and applications

·       Understanding and working knowledge of Public Key Infrastructure (PKI).

·       Basic knowledge of networking protocols and the OSI and OWASP models.

·       Knowledge of requirements mandated by regulatory laws such as, HIPAA and the Privacy Act.

·       Knowledge FIPS 140-2 approved encryption algorithms such as AES, 3DES, IDEA, RSA etc.

·       Work toward good understanding of process flows as it relates to integrating MFT with Empyrean’s internal application.

·       Solid background and understanding in networking  concepts, protocols, configurations,  firewalls, routers, network/system/security devices

·       Has experience or exposure to packet captures and analyze data using company approved sniffer tools.

·       Working knowledge of Group Policy and Active Directory.

·       Worked with security tools such as Email/web gateways, eg. Proof Point. Scanning tools, eg. Tenable, encryption tools, SIEM, Bitsight/Security Scorecard, etc.

·       Security certifications preferred  (such as, CISSP, GIAC,CCFP,HCISPP, SSCP,CNP)

EXPERIENCE
  • 8-11 Years
SKILLS
  • Primary Skill: Cloud Security Engineering
  • Sub Skill(s): Cloud Security
  • Additional Skill(s): AWS - EKS, AWS - CloudFormation, Azure Firewall, Cisco Firewall, AWS-Apps, GCP-Apps, AWS-Infra, Firewall, Web Application Firewall, AWS DBA, Palo Alto Firewall
ABOUT THE COMPANY

Infogain is a human-centered digital platform and software engineering company based out of Silicon Valley. We engineer business outcomes for Fortune 500 companies and digital natives in the technology, healthcare, insurance, travel, telecom, and retail & CPG industries using technologies such as cloud, microservices, automation, IoT, and artificial intelligence. We accelerate experience-led transformation in the delivery of digital platforms. Infogain is also a Microsoft (NASDAQ: MSFT) Gold Partner and Azure Expert Managed Services Provider (MSP).

Infogain, an Apax Funds portfolio company, has offices in California, Washington, Texas, the UK, the UAE, and Singapore, with delivery centers in Seattle, Houston, Austin, Kraków, Noida, Gurgaon, Mumbai, Pune, and Bengaluru.

Express Application
Upload Microsoft word, PDF file upto 500KB.
Recent Jobs
Posted on May 19, 2024
GCP Data Engineer (Standard) | 3-4.5 Years | Big Data - Kafka, Python, Scala, Apache Spark
Posted on May 19, 2024
Power Apps Developer (Senior) | 6-8 Years | Power Apps Development - Power Apps Development, Workflows
Posted on May 19, 2024
Technical Architect (Standard) | 12-14 Years | .NET Architecture, Java Architecture, C/C++ Architecture, Systems Architecture - Frontend Architecture, Mainframe Architecture, Mobile Architecture, User Interface Architecture, Application Architecture...
Posted on May 19, 2024
Project Manager | 12-14 Years | AI/ML Project Management, Project Management (SE), Project Management (IE) - Project Management (Hyperautomation), Risk Management, Testing Project Management, Testing Management, TPM...