Security Engineer

<p><strong>Job Role Pointers:</strong></p> <p></p> <ul> <li>5+ years’ of experience in AWS app and infra security, Vulnerability Assessment and&nbsp;Penetration testing.</li> <li>Should have participated in at least 2 IT Security Audits, preferably one of which should&nbsp;be in the last 12 months</li> <li>Experience in working heterogeneous work environments and AWS cloud - product&nbsp;based company experience is good to have</li> <li>The security engineer will be part of the cloud infra &amp; security team that shall manage&nbsp;all security and compliance requirements for e-commerce products.</li> <li>Conduct and participate in security audits, identify gaps in web security, application&nbsp;security, mobile app security, Network security and IT infrastructure security, mitigate&nbsp;risks using right controls</li> <li>The team members shall prepare VAPT (Vulnerability Assessment &amp; Penetration Testing) reports using defined templates and assist the management for finalization of audit reports. Co-ordinate to get the findings resolved in specific time</li> <li>The team members shall prepare the security checklists, test cases, and test scenarios to perform the security audit.</li> </ul> <p><strong>Desirable Skills &amp; Experience: </strong></p> <ul> <li>Experience in analysing and in identifying the vulnerabilities in apps, aws resources and configurations.</li> <li>Hands-on experience in web application, Mobile App and network Vulnerability Assessment &amp; Penetration Testing using industry standard tools such as Vulnerability Scanners for e.g. Qualys, Nessus, WebInspect, Acunetix, Metaexploit, Burp Suite Pro, Netsparker etc.</li> <li>Hands-on linux admin and security experience - hardening of servers as per industry standards · Experience working with OWASP (Open Web Application Security Project ) security requirement and implementing them</li> <li>Should have the ability to stay organized, and possess excellent communication skills.</li> <li>Perform or co-ordinate penetration tests on computer systems, networks and applications</li> <li>Perform physical security assessments of systems, servers and other network devices to identify areas including firewall maintenance and administration etc.</li> <li>Research, evaluate, document and discuss findings with Eng teams and management.</li> <li>Review and provide feedback for information security issues and fixes.</li> <li>Establish improvements for existing security services, including hardware, software, policies and procedures.</li> <li>Identify areas where improvement is needed in security education and awareness for users.</li> <li>Be sensitive to corporate considerations when performing testing (i.e. minimize downtime and loss of employee productivity).</li> <li>Stay updated on the latest malware and security threats · AWS Security experience is mandatory.</li> <li>Experience working with XDR/EDR and microsoft O365 security and SaaS security.</li> </ul> <p></p> <p>Necessary certifications - CCNA/CompTIA+ or similar. AWS Security speciality or similar.</p> <p></p>