Information Security Engineer

• Work closely on security aspects of multiple technologies and methodologies as it relates to operating systems, databases, access controls, patch management, encryption, anti-virus, and vulnerability assessments etc. to assist the engineering and compliance team with effective research, data gathering, analysis, metrics, reporting and communications.
• Identify security prospects of multiple solutions that help keep the organization safe from threats.
• Provide direction to infrastructure, operations, data, and network teams throughout the implementation of security aspects in production, and beyond.
• Maintain knowledge of engineering next-gen designs, security trends, threats, and attack techniques.
• Translate threat intelligence into actionable security with available tools.
• Design and review the architecture for Systems, Networks, DB etc.
• Conduct Kaizen/continuous improvement events with Technology teams and follow up/assist with implementation.
• Help teams with readiness for external assessments against industry standards and review programs/documentation for conformance.
• Evaluate and recommend new information security technologies and practices along with improvement in current infrastructure.
• Suggest processes for adherence to information regulatory compliance globally.
• Review Information Security Program including Policies, Standards, Guideline and Procedures.
• Review Audit Logs, Risk Assessments, Vulnerability Assessments and do Gap Analysis.
• Make recommendations for improving Information Security Incident Management and participate in Root Cause Analysis.
• Build and maintain effective relationships with management, peers, project managers, and internal customers.

• Education: BS Computer Sciences
• Experience: Fresh to 2 Years

• Preferable CISA certified
• Information Security (Confidentiality, Integrity and Availability, Physical and Logical Security)
• Networks (Firewall, Routers, Switches and Network Diagram)
• Cryptography (Encryption, Decryptions Hashing algorithms, Key Management)
• Incident Management
• Interest in Compliance & Regulations.
• Audit Command Language/GRC Platform
• CIS-CAT Tool
• MS (Visio, Powerpoint, Excel, etc.)

i2c