Security Engineering Expert

Job Description

We create and optimize solutions for a rapidly growing mature Adtech business on a global scale. We work with distributed infrastructure, petabytes of data, and billions of transactions with no limitations on your creativity. You don t have to always wait for an architect or manager to tell you what to workon, you will decide your priorities! Our tech hubs are in Redwood City and Pune.

Position Summary:

Within the Adtech environment, you have a deep understanding of the complex nature of security spanning infrastructure, applications and IT. You feel comfortable understanding security in the context of infrastructure, applications (java, open source tools). Does not hesitate digging into code to understand the subtle and obscure problems that can arise due to security vulnerabilities in the environment. You work with people, technical and nontechnical alike, to understand security posture needed to help them understand, implement changes to address them. Youre a company resource, providing best practices, guidelines, and feedback around security. You have your finger on the pulse of security across the Ad platform internally as well as from what happens externally. You have a cool head under pressure. When a technical fire occurs, you understand that putting it out should always avoid collateral damage. When you cause a fire (as everyone inevitably does), you take responsibility for it and work with the team to figure out the right way to put that fire out. You believe blaming is a waste of time: when something goes wrong, you figure out why it happened and how to prevent it from happening again in the future. Better yet, you look for how things went right in the first place and improve upon those.

About you: As a member of security team, you seek out feedback on your findings, designs and ideas and provide the same to others. You constantly ask What am I missing and How will this NOT work You dont shy away from what you dont know; you readily admit that you dont know everything, and use every resource available within and outside the company to learn what you need to know.

Responsibilities

• Work closely with users, Network, Systems, CorpIT, Database, Big Data, Engineering and business teams to identify and resolve complex security issues
• Design, recommend, and implement security improvements by evaluating current systems and procedures, researching trends, and anticipating requirements
• Protect systems by defining access privileges, control structures, and resources
• Identify abnormalities, flag problems, and report violations
• Perform periodic system penetration testing
• Perform analysis and correlation of security events from multiple sources including but not limited to events from AV, network and host based intrusion detection systems, firewall logs, system logs (Linux, Windows, Mac), Domain Controller Logs and artifacts in hosted and collocated environments
• Perform regular vulnerability scans of environment and recommend prioritized remediation of vulnerabilities found
• Evaluate, recommend and lead the effort to implement a Data Loss Prevention solution
• Uncover security violations and inefficiencies by conducting and participating in IT audits
• Upgrade system by implementing and maintaining security controls
• Provide a quarterly report on the status of PubMatic physical, data, and application security; include recent improvements and future recommendations
• Create and update annual security strategy report
• Attend educational workshops and read industry publications to grow technical knowledge and stay current on trends as it pertains to AdTech environment
• Define, implement and maintain corporate security policies and procedures
• Acquire a complete understanding of a company s technology and information systems
• Plan, research and design robust security architectures for any IT project
• Oversee security awareness programs and educational efforts
• Respond immediately to security-related incidents and provide a thorough post-event analysis
• Research security standards, security systems and authentication protocols

• 6 to 7 years of IT and applications experience (3 years of security experience preferred)
• Experience in Network Security, Information Security Policies, and Network Protocols
• Familiar with emerging technologies in the security monitoring, event correlation and alert/detection space
• Ability to correlate security events, system artifacts and IOCs and make accurate conclusions and timely remediation s
• Exceptional customer service skills
• BE/BTech/BS/BCS/MCS/MCA in Computers or equivalent

Preferred Qualifications

• CISSP Certification
• GIAC Certifications (GSEC, GIAC, GMON, GCIH, GPEN, or GWAPT)

#LI-MD1

Keyskills :
firewallnetworkingcustomer relationsidspenetration testingdata loss preventionbig datait auditopen sourceloss preventioncustomer servicenetwork securitysecurity systemsdomain controllerevent correlationsecurity controlscorporate security