Security Analyst II

Job Description

About the roleFlipkart is seeking a skilled, technocrat, motivated, strong security mindset and collaborative Information Security Engineer in the Security Engineering team. You will serve as an expert and be a mentor to the Security Engineering team members. You will be a strong communicator and influencer, demonstrate curiosity to learn and understand the business.What you ll do:

• Security review of the architecture for the new projects and existing infrastructure setup.
• Ensure efficacy of security controls deployed. Work with the technical operations team to understand security controls / tech deployed and come up with recommendations to address gaps and also take full advantage of the deployed technologies.
• Conduct threat modeling based on well known standards / frameworks such as STRIDE, PASTA etc.
• Identifying and defining the requirements of the overall security of the information processing systems.
• Identify security gaps, exposures and develop mitigation plans
• Build and execute on organizations roadmaps
• Automation & Scripting as required
• Defining and maintaining security procedures, standards,guidelines and procedures as required.

Posted On :About the teamThe Security Engineering team is a part of the central Information security function which is primarily responsible for architecture reviews, efficacy and efficiency of the existing security controls, threat modelling, assessment of the various security controls / technologies based on the gaps identified, security metrics, analytics, automation etc. This team owns the security controls and reviews them on a regular basis to ensure controls are working as designed and all features of a product are being used to the maximum.About the roleFlipkart is seeking a skilled, technocrat, motivated, strong security mindset and collaborative Information Security Engineer in the Security Engineering team. You will serve as an expert and be a mentor to the Security Engineering team members. You will be a strong communicator and influencer, demonstrate curiosity to learn and understand the business.What you ll do:

• Security review of the architecture for the new projects and existing infrastructure setup.
• Ensure efficacy of security controls deployed. Work with the technical operations team to understand security controls / tech deployed and come up with recommendations to address gaps and also take full advantage of the deployed technologies.
• Conduct threat modeling based on well known standards / frameworks such as STRIDE, PASTA etc.
• Identifying and defining the requirements of the overall security of the information processing systems.
• Identify security gaps, exposures and develop mitigation plans
• Build and execute on organizations roadmaps
• Automation & Scripting as required
• Defining and maintaining security procedures, standards,guidelines and procedures as required.

Open Positions :1Posted On :01-Jan-1970Skills Required :In depth knowledge of Infosec Domains, strong security mindset, Implementation experience in Security technologies (at least 2 years) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM, cloud security, application security, endpoint security, data protection, and incident response., Security Architecture reviews etc.Posted On :In depth knowledge of Infosec Domains, strong security mindset, Implementation experience in Security technologies (at least 2 years) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM, cloud security, application security, endpoint security, data protection, and incident response., Security Architecture reviews etc.Role :What you ll need:

• Bachelor s degree in information technology or other related field.
• Very strong security mindset
• At least 6-8 years of working experience in domains related to information security
• Minimum of 2-3 years of implementation experience in Security technologies (at least 2-3) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM etc.
• Minimum of 2-3 years of implementation experience in Security technologies (at least 2-3) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM, proxy etc.
• Very good understanding of Operating systems (Windows, Linux), VDI etc.
• Knowledge and understanding of cloud security.
• Good understanding of security frameworks, standards such as ISO 27001, NIST, CIS etc.
• Experience in security architecture reviews and driving cross-functional programs.
• Strong skills in security principles such as least privilege access, defense in depth, preventative vs detective controls, network security, cloud security, application security, endpoint security, data protection, and incident response.
• Solid understanding of operational and organizational structures
• Possess of information security certifications (at least two) such as CISSP/CISM/CISA/CRISC/CCSP/ISO 27001/ TOGAF etc.
• Excellent problem solving, interpersonal,communication and presentation skills.
• Able to work independently and efficiently, as well as with others, to meet deadlines in a fast-paced environment.

Posted On :What you ll need:

• Bachelor s degree in information technology or other related field.
• Very strong security mindset
• At least 6-8 years of working experience in domains related to information security
• Minimum of 2-3 years of implementation experience in Security technologies (at least 2-3) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM etc.
• Minimum of 2-3 years of implementation experience in Security technologies (at least 2-3) such as Next Gen Firewall / IDS / IPS / NAC / CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM, proxy etc.
• Very good understanding of Operating systems (Windows, Linux), VDI etc.
• Knowledge and understanding of cloud security.
• Good understanding of security frameworks, standards such as ISO 27001, NIST, CIS etc.
• Experience in security architecture reviews and driving cross-functional programs.
• Strong skills in security principles such as least privilege access, defense in depth, preventative vs detective controls, network security, cloud security, application security, endpoint security, data protection, and incident response.
• Solid understanding of operational and organizational structures
• Possess of information security certifications (at least two) such as CISSP/CISM/CISA/CRISC/CCSP/ISO 27001/ TOGAF etc.
• Excellent problem solving, interpersonal,communication and presentation skills.
• Able to work independently and efficiently, as well as with others, to meet deadlines in a fast-paced environment.

Location :Bangalore,KarnatakaPosted On :Bangalore,KarnatakaDesirable Skills :CEH / ISO 27001 / TOGAF, least privilege access, defence in depth, preventative vs detective controls,Very good understanding of Operating systems (Windows, Linux), VDI, Possess of information security certifications (at least two) such as CISSP/CISM/CISA/CRISC/CCSP/ISO 27001/ TOGAF etc.Posted On :CEH / ISO 27001 / TOGAF, least privilege access, defence in depth, preventative vs detective controls,Very good understanding of Operating systems (Windows, Linux), VDI, Possess of information security certifications (at least two) such as CISSP/CISM/CISA/CRISC/CCSP/ISO 27001/ TOGAF etc.Years Of Exp :6 to 8 YearsPosted On :6 to 8 YearsApply Back ,

Keyskills :
siemenvironmental impact assessmentnew projectsnetworkingsecurity metricsoperating systemsidsbias for actioniso 27001threat modelinginformation securitynetwork securitycustomer relationsproblem solvingcloud security