India • kolkata

Senior Security Engineer

Position: Information Security Officer

Position Overview

We are looking for an individual who can put his/her technical expertise and information security knowledge to plan, execute and deliver on existing and new Digital Security initiatives of the Company. This will be a global role covering all geographies from where OnProcess Technology conducts its operations.

Responsibilities

  1. Engineer, implement and monitor security measures for protection of information and the technology infrastructure of the Company, including computer systems, networks, and applications.
  2. Identify and define system security requirements
  3. Implement solutions to improve resilience of the current technology environment
  4. Develop and implement technology solutions and new security tools to help mitigate vulnerabilities and automate repeatable tasks
  5. Configure, troubleshoot, and ensure regular upgrades of security devices, e.g., Firewalls, UTMs, Web Content Filters, Managed Switches, etc.
  6. Monitor and perform regular validation and mitigation of alerts generated by the different security solutions like Antivirus, IDS/IPS, SIEM, FIM, EDR, DLP, etc.
  7. Define and regularly update alert rulesets in security tools, like SEIM and DLP
  8. Identify, research, and document compliance requirements and information security controls (as required by clients and applicable standards) to address these requirements.
  9. Ensure periodic testing of Information Security Continuity, as applicable to networks and systems
  10. Develop and maintain documentation of security processes and activities pertaining to change control, incident management, access management, and other technical compliance requirements
  11. Actively participate in all information technology and internal and external security audits
  12. Perform other IT security and compliance related tasks as assigned by the management.

 

Requirements and Skills

 

  1. Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, patch management, etc.
  2. Familiarity with web related technologies (Web Applications, Web Services, Service Oriented Architectures) and of network/web related protocols.
  3. Up-to-date knowledge and understanding of Cisco Routing / Switching / WLC/ Cisco ASA
  4. Hands on skill in managing Windows servers, system hardening, configuring IIS, Group Policy Management, etc.
  5. Knowledge of managing and using network monitoring software, preferably SolarWinds Orion, PRTG, NetFlow and Wireshark
  6. Working knowledge of VAPT tools like Kali Linux, Nessus, Metasploit etc.
  7. Experience with one or more of the following products will be an added advantage –
    • ManageEngine Data Security Plus 
    • Fortigate firewall and web filtering, Fortclient EMS
    • ManageEngine Event Log Analyzer
    • Symantec Endpoint Protection Manager
  8. Ability to take on a variety of tasks and pay attention to details, analytical and problem-solving skills
  9. Excellent English written and verbal communication skills
  10. Teamwork skills – ability to effectively communicate and work with different teams and non-technical stake holders/ clients/ service providers

 

Qualifications

  • Degree or Diploma in Science\Engineering or Information Systems
  • Certifications in IT security technologies
  • At least 5 years work experience in IT security, covering areas like, networks and servers and technology solutions for anti-virus, patch management, IDS/IPS, access management, web content filtering, log analysis, data leakage prevention, mobile device security, etc.
  • Understanding of the global security standards, such as ISO27001, PCI DSS, GDPR, etc.

Apply