DevOps Engineer with 3+ years of experience
2+ years' experience of working as a Security Engineer.
Must have AWS Knowledge on all the services of AWS, but should be expert in below services :
o Serverless (Lambda)
o API gateway
o EC2, ECS, VPC, IAM role, S3
Must have good knowledge in Terraform and Docker
Deploying, troubleshooting, automating, maintaining and constantly improving the systems that will keep the backend infrastructure running smoothly.
Must have good knowledge on Jenkins & Bitbucket pipelines
Experience in monitoring production system
Expert in application error analysis and debugging
MUST have knowledge of CI / CD & Cloud deployment
Tracks system performance, capacity, and use experience to create effective strategies for maintaining and improving system performance and availability
Good to have basic understanding of Python language
Good to have knowledge of microservices architecture
Develop and maintain cloud infrastructure with strong emphasis on best practices with cloud security and cost optimization.
Uses communication and documentation tools (Jira, BitBucket, Confluence, etc.) to communicate and coordinate with other team members.
Good communication skills & good team player
Strong analytical skills for effective problem solving.
Follow Agile methodology with active participation in sprint planning, sprint review and daily stand-up meetings
Proactive & Independently need to communicate with client and manage work
Develop best practices and security standards for the organization.
Regularly perform security checks and troubleshooting.
Implement new processes with the goal to optimize company's security system.
Stay up to date with latest security technology and trends.
Work with the development team.
Perform regular audits and provide reports to the management.
Monitor company's server traffic.
Review develop and implement security measures for the protection of computer systems networks and information.
Define system security requirements and prepare reports on the results.
Create technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Prepare detailed reports including assessment-based findings outcomes and propositions for further system security enhancement.
Report possible threats or software issues.
Troubleshooting problems associated to our security and network, including handling any system breaches.
Testing for vulnerabilities in our system and network and addressing any issues accordingly.
Implement security measures across the company’s IT infrastructure, and ensuring our data and network is effectively protected.
Identify and report any cyber-attacks and participate in any resulting investigation as needed.
Knowledge of VPNs, Data Loss Prevention, IDS / IPS, Web-Proxy, Security Audits and more.
Administrative duties such as system reports, communications with associated departments, and team support as needed.
Manage security responsibilities, including firewalls, proxy systems, logging, and other security devices.
Raise awareness of security policies and develop corresponding procedures.
Investigate and respond to security violations.
Designs and conducts training for corporate security education and awareness programs.
Defines security requirements and reviews systems to determine if they have been designed to comply with established security standards.
Develop new standards as necessary.
Significant experience of building and maintaining security systems.
Good experience in security systems including firewalls intrusion detection systems anti-virus software authentication systems log management content filtering etc.
Good experience with network security and networking technologies and with system security and network monitoring tools.
In-depth knowledge of database and operating system security.
Good familiarity of the latest security principles techniques and protocols.
Understanding of Web related technologies including applications services Service Oriented Architectures networking protocols and so on.
Strong problem-solving skills and ability to work under pressure.
Plus, point to have Certifications such as CISSP, GSEC, CEH or CISM.
An understanding of best practices and how to implement them at a business-wide level.
Critical thinking skills and the ability to solve problems as they arise.
Working knowledge of web application firewalls, load balancers and proxies.
Experience with the design and configuration of a network DMZ.
Experience working with information security practices, networks, software, and hardware.
Expert knowledge of TCP / IP, common protocols and standards.
Experience with DLP and IPS / IDS systems.
Experience with security scanning tools, specifically Rapid 7’s Nexpose application.
Experience with Web Vulnerability.
Other Qualifications :
Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills.
Strong skills implementing and configuring security components.
Ability to work in a team environment.
Ability to maintain in depth knowledge of security and networking infrastructure utilized by the company including the management and reporting of each.