PRINCIPAL ENGINEER - IT SECURITY

Job Description

PRINCIPAL ENGINEER - IT SECURITY PROFILE The Role: The IT Security Engineer will be a member of the Global Information Security team and spearhead Enterprise/corporate security initiatives and projects in Druva. In this role, the individual will use their deep experience with Infrastructure security to implement and maintain security controls/solutions in our corporate Information systems. In addition, they should administer and govern IT security solutions/technologies across lifecycle strategy, design, implementation, and operations. Resource would also provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure IT applications, operating systems, databases, and networks Devices. The individual will be accountable for continually evaluating new threats and cyber-attacks to further identify the impact on Druva critical Infrastructure/assets and Provide recommendations for improvement and risk reduction by assessing overall security posture. Location & Working Hours : Pune, offshore (flexible between IST and US-based time zones, preferred PST) Job Description and Responsibilities:
• Working knowledge of infrastructure system design/configuration and security monitoring of internet communication (e.g. Hardware Infra/operating systems, Server management, networking and Security devices, Storage, and client/ Web applications)
• Providing technical and security Solutioning leadership for all IT projects and prioritizing strategic programs, Strong analytical skills to analyze requirements and relate them to appropriate risk controls.
• Primary responsibility is to architect end-to-end security solutions and participate in the deployment, Testing, troubleshooting the solutions to ensure no performance impact on the systems. Liaison with IT architects/engineers to advise on all security-related elements for any proposed design and articulate cyber-related risks across IT functions and recommend acceptable countermeasures.
• In-depth knowledge and understanding of information risk assessment methods and concepts. Familiar with Security management Frameworks - NIST (CSF, SP 800-53), COBIT TOGAF, CIS controls, TOGAF, ,SOC2, ISO27001 and be able to apply those guidelines to the development of processes that meet requirements. This may include the development and implementation of Policies, Procedures, and security control enforcement.
• Drive & Manage infrastructure security by developing threat prevention strategies and using vulnerability management tools to understand the vulnerabilities and related security patches of major vendor products from (Microsoft, Ubuntu, Adobe, etc.). Good Knowledge on Vulnerability Management Process and Life Cycle.
• Strong knowledge of security related technologies such as WEB/URL filtering , Next generation Firewalls/IPS, endpoint protection/Antivirus Management, Privilege account Management , VPN devices, SIEM solution, Data Loss Prevention, web-proxy, HIDS and Mail server/gateway.
• Drive the organizations IT-Sec initiatives, collaborate with Druva s IT management to ensure systems and software are compatible and establish an architecture policy to ensure smooth integration of new technology as the organizations business needs grow (Computing environments, SaaS, Package Software)
• Review server and network hardening practices, virtualization configurations as they relate to security issues specific to virtualized and local data center environments and provide remediation plans to address security gaps. Incorporate best practices to ensure Secure Network Architecture.
• Good knowledge of End User Computing systems (Linux distributions, Windows, MacOS), Server and virtualization technologies (Active directory, PDC, DNS, SQL, LDAP, VMware, proxmox) and Email (SMTP, Webmail) and network (Wireless appliance, VPN, NAT, Proxy, Load Balancer).
• Research, understand and develop response to cyber threats, Perform security analysis on the different layers of the system. Configure and troubleshoot existing security infrastructure devices and security tools/agents. Develop technical solutions and onboard new security tooling to help mitigate security weakness and automate repeatable tasks
• Supports the investigation of reported security breaches/incidents, in coordination with Druva global security operations. Develop SOPs to respond to malware-related security incidents, threats, attacks and assist with investigations.
• Stay vigilant with current trends and issues in the security industry, emerging malware-related, and persistent security threats scenarios, Capable of threat hunting using a variety of available open source and vendor tools.
Key Requirements: Must have Experience and Qualifications.
• 10+ years of full-time technical experience leading Information security in multiple IT infrastructure disciplines and technology function roles, including implementation and support of an IT Security risk management program, information security practices in complex environments.
• Experience in Security Information technologies like Vulnerability Management, Server Configuration Compliance, Patch Management, Directory Services (AD/LDAP) configurations, Cloud Operations (AWS preferred), network security, data security, Information Security Standards for O/S, and Applications.
• Advanced understanding of Security zoning, network segmentation & elements like TCP/IP, networking ports and protocols, traffic flow, ID/PS, Full Packet Capture, Host-Based & Network Forensics etc. Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), TMonitoring any packet flooding, DoS, unauthorized access Intrusion attempt, privacy breaches in real time.
• Experience implementing CIS, ISO, SANS Critical Security Controls for Enterprise managed endpoints/assets.
• Deep Understanding of VMware technology (vCenter, Esxi, vSphere) DNS security (DNS Filter, OpenDNS, cloudflare, Infoblox) Operating systems (Ubuntu, Embedded Linux, Network Operating System, Windows Server)
• Experience with Strong knowledge of EDR/anti-malware solutions (SentinelOne, Carbon Black, Crowdstrike Falcon etc.), NAC, DLP(mcafee, Symantec) , Firewall (PaloAlto, Fortinet) Application and device control, IAM (OKTA, PingIdentity etc.). SIEM, logging and monitoring frameworks like Elastic, Splunk, Prometheus.
• Experienced in vulnerability Assessments using Automated Scanners such as Nessus/Qualys/, OpenVAS, NMAP. Malware Analysis and Manual Security Testing using Kali Linux / Metasploit and other infrastructure security testing tools.
• Networking, authentication services and web Technologies (Routing Protocols, TACACS+, RADIUS, Understanding of protocols (HTTP, HTTPS, SSL, TLS) and Cryptography.
• Excellent troubleshooting skills covering a wide variety of Security applications and technology stacks with strong understanding of cyber security threats, attacks, and vulnerabilities.
• Experience with reviewing logs from a variety of sources, to include host logs and logs generated by security monitoring tools. Understanding of deception technologies to include honeypots/honeynets and honeytokens
• Tech/B.E. in Computer Science, Information Technology & Engineering or equivalent, Advanced degree is preferred. One or more technical security certifications is a plus CompTIA Security+ SSCP - Systems Security Certified Practitioner, CISSP Certified Information Systems Security Professional , CEH Certified Ethical Hacker AWS Certified Solutions Architect.
• Excellent organizational and time management skills, Self-motivated; able to work independently. Well-honed interpersonal and collaboration skills. A strong customer (business units) focus, with the ability to Influence, negotiate and manage expectations appropriately and build long-term relationships with functional stakeholders.
,

Keyskills :
it projectscertified ethical hackerlinuxdata loss preventionjavascriptframework