Principal Engineer, Cyber Risk Consulting Full-time Job
4 months ago - Consulting - Noida - 47 viewsJob Details
Job description
REQUIREMENTS:
- Total experience 13+ years.
- Extensive knowledge and experience in Cyber Risk Consulting and Security Assessment.
- Proficiency in Security Testing (VAPT), Risk Frameworks, Threat Modelling, SOC, and Security Training.
- Hands-on experience in offensive and/or defensive cyber security disciplines like penetration testing, incident handling, SOAR tools, threat hunting, and vulnerability management.
- Knowledge of key cyber security concepts: risk management, security architecture, data protection, network security, IAM, and asset management.
- Experience with cloud technologies (GCP, AWS, Azure)
- Pre-sales support, including responses to RFPs and client management.
- Technical consulting in building solutions for complex security challenges.
- Building and delivering technical presentations.
- Certification- ISO 27001 Implementer, CISSP, OSCP, or similar.
- Proven experience in troubleshooting and resolving complex integration issues.
- Strong collaboration skills to work effectively with business units and cross-functional teams.
RESPONSIBILITIES:
- Understand client business use cases and technical requirements, translating them into comprehensive technical designs that align with client needs.
- Map decisions to requirements and effectively communicate technical solutions to developers.
- Identify multiple solution options, evaluate them, and recommend the most suitable one based on the clients requirements.
- Conduct thorough security assessments of client infrastructures, identifying risks and proposing actionable mitigation strategies.
- Lead security testing processes, including Vulnerability Assessment and Penetration Testing (VAPT), Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and other security scans.
- Deploy and manage advanced security measures such as firewalls, intrusion detection systems, and encryption technologies.
- Continuously monitor systems and networks for threats, integrating multiple data sources for centralized monitoring and proactive threat detection.
- Define guidelines and benchmarks for Non-Functional Requirements (NFR) during project implementation.
- Write and review design documentation that explains the overall architecture, framework, and high-level design for developers.
- Review architecture and design for key attributes like scalability, security, extensibility, user experience, and adherence to design patterns and best practices.
- Develop and design solutions for functional and non-functional requirements, selecting appropriate technologies, patterns, and frameworks.
- Conduct Proof of Concepts (POCs) to validate that proposed designs and technologies meet project requirements.
Bachelor s or master s degree in computer science, Information Technology, or a related field.
Role: System Security Engineer
Industry Type: IT Services & Consulting
Department: IT & Information Security
Employment Type: Full Time, Permanent
Role Category: IT Security
Education
UG: Any Graduate
PG: Any Postgraduate
Company Description
Nagarro
