Information Security Specialist - Bengaluru, India - SecPod

    SecPod
    Description
    What We Do at SecPod

    Security Podium (incarnated as SecPod) is a SaaS-based cybersecurity products and technology company. We believe a strong defence is better than a weak cure.

    Our product SanerNow Cyber hygiene Platform is used by enterprises and MSPs of all sizes around the world to secure and manage their endpoints.

    Preventing cyberattacks is our top priority. We build products and technologies that put prevention before cure. We aim at making cyber hygiene a simple daily routine, which will safeguard the IT infrastructure from emerging attacks.

    As the curators of the world's largest vulnerability database with more than 175,000 checks, we have built a full-fledged cyber hygiene platform.

    We focus on securing and managing endpoints, mobile computing, network infrastructure, cloud infrastructure, operational technology (OT), and the Internet of Things (IoT).

    What We're Looking For

    We are seeking a skilled and dedicated Information Security Specialist to join our team.

    As an Information Security Specialist, you will play a crucial role in safeguarding our digital infrastructure and ensuring compliance with industry standards and regulations.

    You will be responsible for implementing and maintaining security measures, conducting risk assessments, and responding to security incidents.

    The ideal candidate will have a strong technical background in cybersecurity, excellent problem-solving skills, and a proactive approach to identifying and mitigating security risks.


    Basic Qualification:

    • 5+ years of experience in InfoSec
    • Excellent analytical and problem-solving skills with the ability to prioritize and manage multiple tasks effectively.
    • Experience in creating security policies for vulnerability management, NextGen AV, IDS/IPS, endpoint protection solutions, and SIEM security applications.
    • Experience in conducting regular security assessments and audits to identify vulnerabilities and risks.
    • Experience in monitoring network traffic for suspicious activity and responding to security incidents in a timely manner.
    • Experience automating various activities using the Python programming language.
    • Strong understanding of network security principles, protocols, and technologies.
    • Strong communication and interpersonal skills with the ability to collaborate effectively with cross-functional teams.

    • Good knowledge of system security and cloud security (AWS/Azure).
    • Good knowledge of system and web application (OWASP) vulnerabilities.
    • Ability to handle multiple tasks and conflicting priorities.


    Role & Responsibilities:

    Vulnerability Management:
    Conduct regular vulnerability assessments to identify security weaknesses in the organization's systems and applications.

    Develop and implement remediation plans to address identified vulnerabilities and ensure compliance with security best practices.

    Security Policy and Compliance:
    Develop, implement, and update security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.

    Collaborate with cross-functional teams to implement security best practices and ensure compliance with regulatory requirements (e.g., SOC-2, GDPR).


    Vendor Management:
    Conduct comprehensive research on security tools to align with specific requirements, oversee the implementation of selected security solutions, negotiate pricing with vendors, and manage end-to-end vendor relations for seamless integration and ongoing support.

    Security Tool Management:
    Manage and maintain security tools such as firewalls, NextGen AV, DLP solutions, endpoint security solutions, Microsoft 365, and other security technologies to ensure optimal performance and effectiveness.

    Security Monitoring and Incident Response:
    Monitor security alerts and events using SIEM and other security monitoring tools.

    Investigate and respond to security incidents in a timely manner, including analysis of security logs, identification of root causes, and implementation of corrective actions to mitigate risks.


    Incident Reporting and Documentation:
    Prepare detailed incident reports documenting security incidents, response activities, and lessons learned. Communicate findings to relevant stakeholders, including management and IT teams, and provide recommendations for improving security posture.


    Threat Intelligence and Research:
    Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques.

    Conduct threat intelligence research to identify emerging threats and trends, and proactively implement measures to defend against potential security risks.


    Location:
    Bangalore, India