Senior Cyber Security Engineer - Incident Management (5-10 yrs)

Job Description :

We are seeking a talented Security Engineer to join our dynamic team. The ideal candidate will have a strong background in production security, DevSecOps, and extensive experience with SDLC practices and multiple security tools, including but not limited to Qualys, Black Duck, and JFrog Xray. As a Security Engineer, you will be responsible for overseeing incident response management, ensuring robust security practices throughout the development lifecycle, and implementing cutting-edge security measures to protect our systems and data.

Key Responsibilities :

- Implement and manage security measures for the protection of systems, networks, and data.

- Collaborate closely with development teams to integrate security into the SDLC.

- Conduct vulnerability assessments and implement remediation plans.

- Monitor security infrastructure for vulnerabilities and intrusions.

- Lead incident response activities and ensure timely resolution of security incidents.

- Evaluate and recommend new security tools and technologies.

- Provide technical guidance and support during security incidents.

- Develop and maintain security policies and procedures.

- Stay up-to-date with the latest security trends, threats, and vulnerabilities.

Key Requirements :

- Bachelor's degree in Computer Science, Information Technology, or related field.

- Proven experience in production security, DevSecOps, and SDLC practices.

- Strong knowledge of security tools such as Qualys, Black Duck, and JFrog Xray.

- Experience in incident response management and security incident handling.

- Excellent problem-solving skills and ability to work under pressure.

- Effective communication skills and ability to collaborate with cross-functional teams.

- Relevant certifications (e.g., CISSP, CEH) preferred.

- In addition, if the candidates has the below credentials alongside VM/DevSecOps then it will be a big help too.

- Must have hands on experience on Triaging vulnerabilities of Prisma Cloud Twistlock 2+ years

- Must have Clear understanding of Cloud Workload Protection Platform (CWPP) 2+ years

- Must have worked on any cloud security tool like prisma cloud, wiz, lacework etc.