Senior Information Security Engineer
Location
Bangalore | India
Job description
- Poppulo is seeking a Senior Information Security Engineer to join our security team.
- The Senior Information Security Engineer implements preventive, detective, and response controls to protect Poppulo assets.
- They will use established processes and capabilities, and create new ones, to focus on incident response, application security, threat identification, analysis, and remediation.
- The Senior Information Security Engineer will support the development and maintenance of business continuity planning, data, systems, and network security for systems and controls related to their job duties.
Responsibilities:
- Develops and implements security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, and web-based systems.
- Perform application security reviews, consulting, and testing in coordination with developer operations.
- Reviews security violation reports or logs, investigates security exceptions and coordinates with internal teams or external agencies as needed.
- Planning, implementing, and managing security measures/technologies to protect the organization's information systems and networks.
- Monitoring security systems to identify alerts and leading response efforts for potential security events.
- Perform the analysis of malware, attack trends, and intel for patterns and develop automated solutions for analysis, classification, and categorization of data for further automation.
- Work with global cyber intelligence collectors to identify, contextualize, and instrument current and emerging cyber threats.
- Developing and implementing security policies and procedures.
- Providing training and support to end-users on security best practices.
- Analyzing emails for spoofing, reading and understanding email headers, and maintaining email gateway security controls.
- Assist with Identity and Access Management (IAM) operations.
- Perform real-time detection, analysis, and response to threats via security technologies and platforms.
- Provides subject matter expertise when needed.
- Develop and mentor junior staff through open communication, training and development opportunities, and celebrate their success.
- Participate in On-Call rotations.
- Other responsibilities, as required.
Education and Experience:
- Bachelor's degree in Computer Science, Information Systems, related field, or equivalent experience.
- One or more security-based certifications preferred, such as CISSP, Security+, GCIH, GCFA/E, etc.
- 3+ years' experience in some form of information security discipline; specialization in information security risk assessments and frameworks preferred.
- Experience with the NIST or ISO 27001/2 security frameworks.
Candidate Expertise Required:
- Strong problem-solving skills and self-motivation to learn and upskill regularly.
- Highly developed threat detection and incident response analytical skills.
- Experience working in a global hybrid environment and leading technical teams applying an agile methodology.
- Familiarity with SecOps methods, tools, and practices.
- Proven record of producing documentation relating to solutions for monitoring, processing, and alerting on security-based signals.
- The ability to work independently and across functional teams while developing key working relationships.
- Knowledge of the current threat landscape and attack vectors utilizing and massaging Threat Intelligence sources.
Strong experience in engineering and supporting solutions including but not limited to:
- Modern EDR/XDR solutions and web application security (OWASP Top 10 knowledge).
- Container security (Docker and Kubernetes security).
- Cloud security: AWS (Amazon Web Services) knowledge, AWS security products/logging services (e.g., GuardDuty, CloudTrail), Azure security products/logging services.
- Deep understanding of the MITRE framework and tools (e.g., DeTT&CT Navigator).
- Experience evaluating and prioritizing detection capabilities (log sources, requirements) based on MITRE ATT&CK coverage.
- IT experience and understanding of common devices, equipment, environments, network diagrams and systems.
- Strong communication (verbal and written) and problem-solving skills with an ability to deliver on time and work with minimal direction.