About Security Team

Imagine working in a team, who is responsible to secure & protect the hetrogeneous
ecosystem of 1000+ dockerized microservices, Mobile Apps in a hybrid environment
of On-Prem & AWS Cloud. With responsibility of securing thousands of endpoints
including employees laptops, mobiles & other devices.

Looking for a seasoned security professional with experience in Security field

spanning across Perimeter security, Application security, Endpoint Security, Cloud
security. In this position, you will be the involved in various areas of Security
operations and will be the point-of-contact for the entire security needs in your
domain.

We don't expect you to have all the required knowledge when you join us, as many
of these skills can be picked up through experience in the job, however those who
want to gain new skills and grow must be prepared to spend time in doing suitable
research and learning. You must be eager and quick learner with decent
communication skills and must be able to use their initiative to tackle a broad range
of problems.

Prime responsibilities

• Understand & adapt to current security posture, propose ways to improve it.
• Manage/Create WAF rules to prevent traffic spikes caused by rogue bots at
perimeter itself
• Ensure & setup policies on IPS to secure outbound traffic
• Ensure endpoint security tools are 100% deployed across devices and setup zero
tolerance policies to secure company from internal breaches.
• Work with Devops team to enhance CI/CD pipelines to catch vulnerabilities at
early stage
• Get VAPT sign-offs for every single public API - without miss
• Lead SOC incident investigations, mitigation and post-mortem analysis
• Leverage/tune the SIEM to detect the breaches quickly and automate response
• Mock instrusion scenarios on periodic basis & get Red team assessments done
• Help your coworkers by creating technical documentation to host then under
detailed knowledge sharing platform for continuous improvement.
• Keep track of latest evolving technologies in the world & leverage them to drive
innovation inside the organization
• Engage with multiple teams; Engineering team, Live site Operations team to
define and implement best practices to achieve operational excellence.
• Support internal / external audits as required and maintain compliance.
• Implement automated techniques wherever possible to ease out day to day
operations
Desired Skills

• 4+ years of hands-on experience in security domain, preferably in hyper scale

cloud based e-commerce environment.
• Strong experience in perimeter protection like WAF, IPS, Bot/DDOS Mitigation
• Experience in Akamai suite CDN/WAF (Kona)/BMP is big plus
• Hands-on experience in AWS cloud security (VPC, EC2, IAM, Containers, Config,
Cloudtrail)
• Experience in AppSec like VAPT, securing CI/CD pipelines is desired
• Strong experience in levraging Next gen SIEM with SOAR/XDR capabilities -
Incident Analysis & Management
• Knowledge of End User Security platforms (EDR/DLP/NAC/UEBA).
• Experience in Red team assessments & bug bounty programs is a plus
• Good understanding of web concepts like HTTP/HTTP2/GRPC, REST Framework,
Request Headers, Cookies, DNS
• Experience in troubleshooting at network level using packet tracers, TCPDUMP,
Wireshark is added advantage.
• Prior experience in managing the SOX/PCI compliance is a plus
• Experience in working productively with cross functional teams and
creating/leading cross-functional programs to bring about greater operational
efficiency
• Strong Analytical, interpersonal and oral/written communication skills with
ability to manage multiple stakeholders is must have.