Kshema - Cyber Security Engineer - Threat Modeling

Salary : 20 - 35 LPA Job Description : Key Responsibilities : - Create and maintain appropriate documentation especially process flows and technical procedures. - Security Architecture review and Threat Modelling (Security by Design) for Kshema Products and Enterprise IT. - Requirement gathering, mapping to Azure Services and Market place appliances to meet customer needs in security operations and Regulatory compliance. - Engaging with Product development teams to implement encryption, masking, hashing, code signing etc. - Helping Business and Product teams to comply with compliance to IRDA cyber security guidelines, ISO standards and other Regulations around Data Privacy. - Perform and Review Application (SAST and DAST) and Network Security Vulnerability assessments and penetration testing. - Helping business with the Action Plan to act on the vulnerabilities in terms of Remediation. - Helping Business to respond for Cyber Security related queries from Kshema Customer and Regulators. - Perform incidental response and related duties, as required. - Create a standard set of requirements, technical designs, and recommended configurations necessary to design, implement and deploy our security capabilities in partnership with a variety of internal and external partners. - Assists with technical direction in designing and implementing security solutions for corporate technical infrastructure and business applications. - Participates in all phases of project planning in security service support, including functional requirements, design specifications, testing and quality assurance, implementation and support. - Leads technical engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement. - Evaluates and implements security services such as Azure Firewall, Entra ID, Microsoft Defender for End-Point, WAF, NSG and CSPM (Microsoft defender for cloud), encryption capabilities. - Develop test plan and implements rigorous testing prior to rollout of new systems into the production environment. - Evaluates, using security knowledge, tools and practices, vendor services and new business units, working to reduce risk for newly onboarded services or networks. Basic qualifications : - Bachelor's degree in computer science, Information Technology, or related field (or equivalent experience). - Experience with Cloud Security Assurance with multiple Cloud Service Providers (Azure, AWS, GCP) - Experience with managing cloud security assurance services. Have prior experience working with CSPM roles. - Demonstrated experience and understanding of cyber security principles, IT security controls, and related technologies and products - Prior experience in conducting Cloud Security risk assessments. - Stakeholder/ internal business management experience - Strong verbal/written communication in English, with the ability to effectively interact with professionals at all levels of responsibility and authority - Must have strong leadership capabilities with a key focus on developing others and developing the services within their remit. - Ideally have industry qualifications such as Certified Cloud Security Professional (CCSP) and/or Cloud specific qualifications. - Good to have CISSP or any cloud security related certification(AWS security specialty, or Azure security etc.) (ref:hirist.tech)

Location: hyderabad, IN

Posted Date: 11/24/2024