Job Description

Role xe2x80x93 Information Security EngineerLocation xe2x80x93 Gurugram, Gr. Noida, HYD, Pune, BangaloreExperience: 6+ YearsNotice : 15 DaysFTE or SubconISO Ceritified with 1 certification is mandatory((CISSP, CCSP, GSEC, C|EH, CSSLP, OSCP) xe2x80x93

• Assists and/or leads various information security projects and initiatives throughout the year, which may include scoping, execution, documentation, and reporting, and reviewing the work of other project team members from an information security perspective.
• Provide consultative support on behalf of InfoSec to other departmentxe2x80x99s security-related efforts and projects, as needed. This includes assisting IT as well as the broader organization with helping them understand how to implement security controls, procedures, and standards.
• Support the Information Security teamxe2x80x99s risk management efforts by performing security-related risk and control assessments, developing mitigation strategies and recommendations, and managing and tracking security issues to ensure they are appropriately addressed.
• Assist our Encore entities with achieving and maintaining compliance with various information security frameworks (i.e., NIST Cybersecurity Framework, FFIEC, ISO 27001, etc.) and with industry and government rules and regulations as they relate to IT/security (e.g., SOX, PCI DSS). MINIMUM REQUIREMENTSField of Study : Graduation+. Computer Science, Information Systems, Information Security

ATTRIBUTES:

• Knowledge of countermeasures against common attacks on web applications, app servers, databases, wireless & wired networks, and related cloud technologies.
• Working knowledge of cybersecurity technology evaluation and provide feasibility assessments.
• Knowledge of security frameworks such as NIST 800-53, ISO 27001, NIST Cybersecurity Framework, CIS Critical Controls
• Knowledge in application of threat modeling or other risk identification techniques
• Experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Ability to provide technical direction and act as a subject matter expert as it relates to information security engineering for IT, to include but not limited to Network, Cloud, Applications, and Infrastructure
• Able to articulate threat and risk modeling and able to communicate technical concepts in simple terms both verbally and in written reports.
• Preferred Information Security Certifications highly desired (CISSP, CCSP, GSEC, C|EH, CSSLP, OSCP

PREFERRED QUALIFICATIONSCERTIFICATION(S): Security+, CISSP, CCSP, AWS Security, Azure Security, etc.KNOWLEDGE, SKILLS, ABILITIES, AND OTHER ATTRIBUTES:xc2xb7 Preferred Information Security Certifications highly desired (CISSP, CCSP, GSEC, C|EH, CSSLP, OSCP, GISP, etc.)xc2xb7 Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits

NConsulting