Altisource Business Solutions Pvt Ltd Mumbai, Maharashtra, India
Nov 21, 2017Full time
Lead Engineer Information Security Responsibilities: Configure, document, and maintain various security devices (firewalls, proxy servers, email gateways, Host IDS, Network IDS, IPS, VPN, AAA devices, DNS servers, Assessment and monitoring tools). Examine existing infrastructure and identify weaknesses and propose remediation. Perform regular assessments which include configuration review of the environment and its applications to document any risks. (firewalls, proxy servers, email gateways, Host IDS, Network IDS, IPS, VPN, AAA devices, DNS servers,) Assess organizations applications to identify and verify common application security vulnerabilities. Utilize commercial and open source application assessment tools. Ensure adherence to information security policies and standards. Provide technical leadership for security strategy. Maintain an in-depth knowledge of industry best practices, concepts and procedures. Work as a mentor to Information security engineers and analysts. Assist in Audit, policy management, patch management and incident management activities. Required Qualifications & Certifications: Bachelors degree in Engineering, Computer science or equivalent 6 to 9 years experience Experience presenting to technical audiences. Advanced level of understanding of UNIX, Linux and Microsoft Operating Systems. Candidate should be able to write best practice guides for securing and hardening systems and network devices. Strong understanding of computer networking technologies, architectures and protocols. Proficient with various tools used in information security (open source and commercial) Ability to analyze technical risks and provide remediation steps. Excellent written and oral communication skills. Process-oriented with high attention to detail. Preferred Qualifications & Certifications: Product specific certifications such as MCSE, CCNP, CCSP, RHCE is a plus. Hands-on experience with performing applications assessments, code reviews and testing is a plus. Knowledge of business, security and privacy requirements related to international standards and legislations such as ISO 27001, SOX, PCI, SAS-70 Type II.