Job Description

Company IntroductionInnoventes Technologies ( ) is a boutique product engineering services company working with startups in Bangalore, Mumbai, Chennai, SFO and Middle East. We work closely with our clients to build world-class products - either from our office or from our client offices. We firmly believe in agile engineering practices. We have an aggressive plan to double our current strength of 60 in the current year.Security Engineer (Detection & Response Operations)Purpose of the RoleThe responsibilities of security operations range from running tasks to enabling SRE and platform teams. This role has been established to\xe2\x97\x8f Detect, respond and manage cyber threats.\xe2\x97\x8f Managing end-end communication of external bug bounty programs\xe2\x97\x8f Detect, report and follow up for remediations of cloud and internal network misconfigurations and unauthorized exposureResponsibilities\xe2\x97\x8f Monitor alerts from SIEM on a daily basis and follow up with engineering team for remediation\xe2\x97\x8f Follow security community closely and develop newly emerging threat based rules for SIEM \xe2\x97\x8f Continuous fine-tuning of existing rules in SIEM to reduce false positives \xe2\x97\x8f Handle the external bug bounty communication end-end.\xe2\x97\x8f Develop ad-hoc automations for streamlining and standardization of security alert response, bug bounty program and periodic reporting of misconfiguration and exposure related processes.\xe2\x97\x8f Conduct, report and follow up on remediations of cloud and internal network misconfigurations and unauthorized exposures\xe2\x97\x8f Conduct weekly meetings with Security Engineering Lead for discussion, planning and resolution of process blockers, SLA and TP-FP status of alerts; SLA and TP-FP status of external Bug bounty tickets; scope of improvements in the process of alert response and bug bounty program handling.Technical Skills Required\xe2\x97\x8f Working knowledge and hands-on experience with python and SQL. Current SIEM being utilized at works on python and SQL based detection rules.\xe2\x97\x8f Working knowledge in the security aspects of at least one among the top 3 (AWS / GCP / Azure) clouds.\xe2\x97\x8f Basic understanding of workings of cloud threat management solutions. \xe2\x97\x8f Basic knowledge of OWASP Top 10 / SANS 25 for understanding and handling bug bounty queries and related communication.\xe2\x97\x8f Good to have personal projects (Git repositories) solving security problem statements. \xe2\x97\x8f Good to have experience in working in cloud security operations.Educational Qualification and ExperienceB.E/B.Tech/MCA/M.Tech in Computer science/Information science/Information Technology1 to 3 years of hands-on experience in DevSecOpsHiring ProcessEach step is an elimination and the candidate has to clear each to proceed to the nextOnline Programming test2 rounds of Technical interviewManagement interview

Innoventes Technologies