Senior Cloud Information Security Analyst - Pune, India - AppDirect
Description
About AppDirectBecome a digital, global citizen and enable the new generation of digital entrepreneurs around the world.
AppDirect offers a subscription commerce platform to sell any product, through any channel, on any device - as a service.
We do this by our values-driven culture—one that enables you to Be Seen, Be Yourself, and Do Your Best Work.
About YouWe're looking for talented yet humble individuals who are smart, passionate and want to drive disruption in the Information security industry.
If you thrive in a fast-paced, collaborative workplace, AppDirect provides an environment where you will be challenged and inspired every day.
If you relish the freedom to bring creative, thoughtful solutions to the table that reflect your experience and personality, there's no limit to what you can accomplish here.
What you'll do and how you'll have an impactIn the Information Security team, the Cloud Information Security Analyst will be responsible for ensuring to keep the company assets (mainly cloud) as secure as possible and prioritize mitigation activities with different stakeholders.
The analyst will collaborate closely with engineering, support and company-wide teams to coordinate the efforts required to ensure that our security and compliance programs are maintained.
The analyst will share her/his expertise with colleagues, stakeholders and the community at large.The analyst will provide recommendations for improving the capabilities of our platform, in addition to helping to monitor and protect our own environment.
What we're looking for4-6 years in similar position (partially or totally filling the requirements below is acceptable)Mandatory experience with reviewing and maintaining Cloud Security posture (AWS/Azure).
Mandatory Experience with vulnerability management, including risk based classification, remediation, and false positive analysis;
Excellent skills in spotting malicious activities and executing incident response tasks.
Mandatory experience with building and maintaining SOC (Security Operation center) activities.
Experience in building/setting up security tools to automate recurring tasks;
Good expertise in Log Management, Security Event Correlation, DLP, EDR, SIEM, CSPM, CASB, etc.
Experience with compliance and certification programs such as PCI, ISO 27001 and SOC 2 Type II;
Experience coordinating application security assessments, penetration testing, network segmentation testing, analyzing results and generating recommendations;
Must be well versed in operating systems such as Linux as well as Windows environments.
Must understand technologies like K8s, Containers, CI/CD pipeline and be able to secure them.
Excellent attitude and demonstrated experience in working with different stakeholders (Engineers, Developers, Pipeline team, etc.).
Able to own security initiatives and deliver them in timely manners (from identifying the issue till operationalizing the solution).
Able to think outside of the box and bring impactless solutions to improve the overall security posture.
Able to mind-stretch on a day to day basis in order to find win-win situations with all the stakeholders.
Able to prioritize his own work with little supervision by applying a risk based approach.
Any Information Security Certification (CEH, Security+, OSCP, etc.);
At AppDirect, we believe that innovation thrives in an environment that houses diversity of excellence, experience and thought. We respect each AppDirector as their own fingerprint; unique with no one alike.
We foster an environment of inclusion without regard to race, religion, age, sexual orientation, or gender identity enabling AppDirectors to embrace their uniqueness to do their best work.
As such, we strongly encourage applications from Indigenous peoples, racialized people, people with disabilities, people from gender and sexually diverse communities, and/or people with intersectional identities.