Responsibilities

Serves as the domain expert (SME) on Cybersecurity matters

Lead and influence multi-disciplinary teams in implementing and operating cyber security controls for cloud and on premise environment; micro-services, containers, applications, operating systems, databases, and networks

Involve in the project or lead the project related with IT infrastructure & Application security whenever required

Support maintenance team in difficult or chronic problems, escalate the issue to vendor, identifying the root cause and preventive measures

Support presales team on infrastructure & Application security solutioning in bids

Provide system architecture design and planning for new IT infrastructure deployments in both hosted and cloud environments

Work closely with Project Managers/ Application Development Team in planning the implementation tasks

Perform initial installation and configuration of new IT infrastructure & security deployments in both hosted and cloud environments

Conduct security design review with customers

Lead the track in security testing and remediation, conduct Application, Server and Network vulnerability assessment

Deliver Application Security Assessment activities with entities and external suppliers/customers

Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers

Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements

Conduct in-depth assessments on the applications using SAST, DAST, Penetration Testing, Red Teaming Activities to determine application security posture and potential vulnerabilities

Develop and implement server security and hardening

Supports the monitoring and tuning of detection and security automation tools

Automate security controls, data and processes to provide better metrics and operational support

Experiences & Qualifications

Minimum Bachelor in Computer Science or IT related studies

Minimum 8 years’ experience in IT industry with 6 years in network/systems/Application security arena

At least 5 years of experience in Vulnerability Assessment, Penetration Testing & Source Code Reviews of Web, Mobile and Thick Client Applications

Knowledge of networking and IP/TCP protocol

Experience in Windows and other OS good to have

Experience of working and securing Virtualization Technologies

Experience with firewall technologies and products, including NextGen firewalls and firewall management tools

Knowledge and experience in scripting or programming languages (ex. Python, Perl, Ruby, PowerShell, C, C#, Java) in order to develop custom scripts or tools

In-depth knowledge in network and systems security issues

Hands-on experience in security-related tasks such as OS tightening, patching and updating, virus scanning will be an added advantage

In-depth knowledge on network and systems security issues and ability to offer advisories and troubleshooting support

Good communication skills and positive working attitude

Relevant certifications such as CISSP/CISA/CISM, CREST, CEH would be advantageous