Location : ,
Title: Cyber Security Engineer
Job Description:
Mandatory Skills/Experience
• Good knowledge of Identity Access Management (IAM), SAML, Federation, Privilege Access Management (PAM), and MFA technologies.
• Data Security (Cryptography and Encryption).
• Knowledge of advanced Auditing and Log Management.
• Security vulnerabilities scanning tools.
• Knowledge of Cloud Access Broker Services (CASB) and configuration based on best practices.
• Data Loss Prevention (DLP) tools and configuration based on best practices.
• User behavior monitoring.
• Data analysis of Network, Cloud, and Endpoint data.
• Centralized management of next generation firewalls and intrusion detection and prevention systems (IDS/IPS).
• Provide oversight and assess security controls for IaaS, PaaS, and SaaS services, while collaborating with system integrators and Client teams to deliver reliable and scalable security capabilities.
• Optimization of security tools and controls.
• Oversee and lead the implementation of all security solutions, develop technical, and reference architectures throughout the project duration.
• Perform as a subject matter expert on cloud technologies, build, and recommend security infrastructure from scratch and raise security risks in a timely manner.
• Develop security requirements for complex internet facing applications and associated infrastructure components.
• Responsible for assessing and reviewing end-to-end secure integrations including web services and APIs.
• Work closely with Client security team and third party system integrators on security engineering related issues and resolving the issues without affecting the overall project delivery timelines.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
• Analyzes trends, news, advisories, and changes in threat and conduct security assessments with risk mitigation plans.
• Review vulnerability management reports and follow-up with technical stakeholders on remediation efforts.