CLOUDSUFI - Information Security Specialist - Security Monitoring Tools (3-8 yrs)
posted 1d ago
Flexible timing
Job Description -
About Us :
CLOUDSUFI is a Data Science and Product Engineering organization building Products and Solutions for Technology and Enterprise industries. We firmly believe in the power of data to transform businesses and make better decisions. We combine unmatched experience in business processes with cutting edge infrastructure and cloud services. We partner with our customers to monetize their data and make enterprise data dance.
What we are looking for :
CLOUDSUFI is seeking a highly skilled Information Security Specialist to join our dynamic security team. This individual will play a crucial role in securing our cloud infrastructure, ensuring the safety of our endpoints, conducting penetration testing on various applications, and ensuring compliance with ISO 27001, PCI DSS, and other regulatory frameworks. The ideal candidate should have expertise in AWS security, Datadog monitoring, Sophos security, and penetration testing across mobile, web, and API environments. Additionally, the candidate will be responsible for enforcing the highest security standards and practices within our financial lending organization.
Key Responsibilities :
AWS Security Management :
- Secure and manage the AWS infrastructure, implementing best practices around IAM, VPC, KMS, GuardDuty, and CloudTrail.
- Conduct regular security assessments and vulnerability scans across AWS environments.
- Design and implement secure cloud network architectures and CI/CD pipelines.
- Monitor cloud environments for security risks and compliance gaps, ensuring secure application deployment and operations.
- Orchestrate AWS infrastructure via Terraform scripts.
Datadog Security Monitoring :
- Set up and maintain Datadog's Security Monitoring and log management systems across AWS and on-premise infrastructure.
- Configure custom alerts and dashboards to identify and respond to security incidents promptly.
- Leverage Datadog's capabilities to monitor application performance and network performance from a security perspective.
Endpoint Protection (Sophos) :
- Deploy, configure, and manage Sophos Endpoint Protection across all endpoints (servers, laptops, mobile devices).
- Monitor endpoint security status, investigate alerts, and ensure malware, ransomware, and other threats are mitigated.
- Conduct regular security audits and provide recommendations for endpoint hardening and security improvements.
Penetration Testing :
- Conduct penetration testing on web applications, mobile applications, and APIs to identify vulnerabilities, threats, and weaknesses.
- Perform ethical hacking to uncover flaws such as SQL injections, XSS, CSRF, and others.
- Provide actionable reports with remediation steps for discovered vulnerabilities and work with development teams to ensure fixes are implemented.
Compliance and Audit :
- Ensure compliance with ISO 27001, PCI DSS, and other relevant standards in the context of a financial lending organization.
- Lead or support internal and external audits, gap analyses, and compliance activities.
- Develop and maintain compliance documentation, including policies, procedures, and risk management plans.
- Stay current with regulatory changes and ensure the organization's security practices align with updated standards.
Security Incident Management :
- Work with incident response teams to investigate, contain, and resolve security incidents.
- Perform root cause analysis of incidents and assist in developing remediation strategies.
- Ensure that incidents are documented and that lessons learned are incorporated into future security practices.
Mandatory Skills Required :
- Cloud Security (AWS): Advanced understanding of AWS security services such as IAM, KMS, CloudTrail, VPC, GuardDuty, and Inspector.
- Endpoint Security : Hands-on experience with Sophos Endpoint Protection and EDR tools.
- Penetration Testing : Experience with tools like Burp Suite, OWASP ZAP, Postman, and custom scripts to perform web, mobile, and API penetration testing.
- Security Monitoring: Proficiency in Datadog Security Monitoring, log management, and creating alerts and dashboards.
- Compliance: Deep understanding of ISO 27001, PCI DSS, and financial security regulations.
- Vulnerability Management: Experience with vulnerability scanning tools, risk assessments, and remediation techniques.
- Incident Response: Hands-on experience in incident detection, triage, and mitigation in cloud environments.
Preferred Qualifications :
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Familiarity with Agile or DevOps methodologies for security integration into SDLC.
- Experience working in the financial industry, particularly in financial lending or fintech environments.
Minimum and Maximum Experience Required :
- Minimum Experience: 3-5 years of hands-on experience in information security, specifically in cloud security, endpoint protection, and penetration testing.
- Maximum Experience: 8-10 years of experience, including leading security initiatives and teams, with a focus on regulatory compliance (ISO, PCI DSS).
Functional Areas: Software/Testing/Networking