- 5+ Years of experience in working on Security aspects
- Must be proficient in understanding various aspects of Application Security in a cloud environment and should have worked on tightening the security at all levels.
- Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand
- Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint, AWS Inspector, Kali Linux)
- Experience in Mobile Application testing including iOS and Android.
- Experience with web application vulnerability scanning tools (Burp Suite Pro, Veracode)
- Experience with network/infrastructure-level penetration testing
- Excellent communication skills to collaborate with both external and internal stakeholders to maintain the overall Information Security for KloudGin.
- Must have experience with the AWS landscape and an understanding of the security aspects of EC2, VPC, CloudFront, WAF, Shield, Secrets Manager, Inspector, CloudTrail, CloudWatch, Systems Manager, IAM, Config, etc.
- Should be aware of various CIS Benchmarks and be able to tighten the application and database servers based on the guidance.
- Experience in application security and mobile security, including OWASP technologies, vulnerability research and mitigation.
- Awareness of CISSP certification will be a plus
- AWS Certification will be a plus
- Certification in any of these or similar certifications – CEH, ECSA, OSCP will be a plus.
- To manage the Information Security Program and IT Operations at KloudGin.
- To perform web Application vulnerability scans leveraging both tools and manual checks.
- To use both DAST and SAST tools to identify vulnerabilities and work with the developers to fix and remediate them.
- To perform application security risk assessments.
- To conduct penetration testing using various tools and block the exposures in coordination with the development teams.
- To manage the Security features of KloudGin application and support the Presale team in responding to prospects about KloudGin infrastructure and security.
- To drive the Security Certification of the KloudGin product, based on the above-mentioned security checks, in line with the KloudGin releases.
- To drive the external Audits and Governance at KloudGin including VAPT, SOC Audits, GDPR Reviews.
- To drive and play the Project Manager role for the Disaster Recovery Drill of the application.
- Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood and impact
- Conduct checks on server level vulnerabilities and adhere to CIS benchmarks for the environments.
- To perform log monitoring using SIEM tools and manage the threats or attacks on the application / network.
- Automation of Secrets management across the application and Environments.
- Continuously enhance the security of the application to meet the industry best practices.
- Review the latest threats in the industry and safeguard the application and environment against them.
- Manage the Security Onboarding and Offboarding for the employees at KloudGin.
- Manage the IT Operations at KloudGin including end-point security and Antivirus management.
Employment Type :