Security Specialist

Requirements

• 5+ Years of experience in working on Security aspects
• Must be proficient in understanding various aspects of Application Security in a cloud
• environment and should have worked on tightening the security at all levels.
• Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand
• Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint, AWS Inspector, Kali Linux)
• Experience in Mobile Application testing including iOS and Android.
• Experience with web application vulnerability scanning tools (Burpsuite Pro, Veracode)
• Experience with network/infrastructure-level penetration testing
• Excellent communication skills to collaborate with both external and internal stakeholders to maintain the overall Information Security for KloudGin.
• Must have experience on AWS landscape and understanding of security aspects related to EC2, VPC, CloudFront, WAF, Shield, Secrets Manager, Inspector, CloudTrail, CloudWatch, Systems Manager, IAM, Config, etc.
• Should be aware of various CIS Benchmarks and be able to tighten the application and database servers based on the guidance.
• Experience in Application security and Mobile security Including OWASP technologies, vulnerability research and Mitigation.
• Awareness of CISSP certification will be a plus
• AWS Certification will be a plus
• Certification in any of these or similar certifications – CEH, ECSA, OSCP will be a plus.

Responsibilities

• To manage the Information Security Program and IT Operations at KloudGin.
• To perform web Application vulnerability scans leveraging both tools and manual checks.
• To use both DAST and SAST tools to identify the vulnerabilities and work with the developers to fix and remediate the same.
• To perform application security risk assessments.
• To conduct penetration testing using various tools and block the exposures in coordination with the development teams.
• To manage the Security features of KloudGin application and support the Presale team in responding to prospects about KloudGin infrastructure and security.
• To drive the Security Certification of the KloudGin product based on the above-mentioned security check based on the KloudGin releases.
• To drive the external Audits and Governance at KloudGin including VAPT, SOC Audits, GDPR Reviews.
• To drive and play the Project Manager role for the Disaster Recovery Drill of the application.
• Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood and impact
• Conduct checks on server level vulnerabilities and adhere to CIS benchmarks for the environments.
• To perform log monitoring using SIEM tools and manage the threats or attacks on the application / network.
• Automation of Secrets management across the application and Environments.
• Continuously enhance the security of the application to meet the industry best practices.
• Review the latest threat in the industry and safeguard the application and environment against the same.
• Manage the Security Onboarding and Offboarding for the employees at KloudGin.
• Manage the IT Operations at KloudGin including end-point security and Antivirus management.

Employment Type

• Full-time