Job Title: IT Security Engineer

Location:

Gurgaon, Haryana, India

Work Mode: Work from Office

Span of Control: Individual Contributor

Job Summary

Managing IT security requirements of - Standards ISO 27001:2013 (ISMS), ISO22301:2012 (Business Continuity Management) - developing policies, procedures and standards to ensure the confidentiality, integrity, availability and privacy of information.
Performing periodically system, network and application’s VAPT (Vulnerability Assessment and Penetration Testing) using automated and manual approach (should have experience with various security assessment tools like Nessus professional, Burpsuite, Kali Linux, NMAP, etc.).
"Conduct IT Risks Assessment, Analyse current risks and identify potential threats and work for risks remediation.
Perform Root Cause Analysis (CA) and Corrective Action/Preventive Action (CAPA) for Information Security Incident. Involvement in corrective and preventive action, lessons learnt and identifying the best practices.
Understanding of core infrastructure protocols/services - SSL/TLS, Cipher Suites, LDAP, SNMP, SMTP, DNS, DHCP, FTP/SFTP, SSH, etc.
Monitoring SIEM security events and follow up with service owners for action on suspicious activities.
Participate in SOC 2 controls review and follow up with stackholders for remediation as required.
Monitoring compliance status of Antivirus and Security Patch management
Bitlocker encryption management
Knowledge of Microsoft Office programs (PowerPoint, Word, Excel, etc.).

- Mandatory	Any Graduate; with certification in Cyber security
- Preferred	CEH, ISO 27001:2013 Lead Auditor Certificate

Application VAPT and code review skills, Auditing skills on technology systems, internal security controls

Communication both verbal and written

Minimum 2 year and Maximum 4 years of Job Exp.