Job Information
BlackBox Engineer / Sr Engineer in Mumbai, India
Industry Type: IT Services & Consulting
Department: IT & Information Security
Employment Type: Full Time, Permanent
Experience: 2-3 years
Role: System Security Engineer
Education: UG: Any Graduate & PG: Any Postgraduate
Primary Location: India, Mumbai
Work Timing: 9 am - 6 pm IST
Patch Management:
OEM: Persistence
Lead the patch management process, including testing of patches and their relevant updates, to ensure the security, stability, and performance of customer environments.
Develop and implement a comprehensive patch management strategy aligned with customer IT goals and security requirements.
This includes establishing policies, procedures, and guidelines for patch management activities and/or adhere to existing standards, policies, processes, procedures, governance, compliance, and security standards.
Manage the process of evaluating patches to determine their criticality, impact on the customer systems, and compatibility with existing infrastructure applications, and stay up to date on the latest software vulnerabilities and patches released by vendors.
Coordinate with the customer IT teams to conduct thorough testing of patches in a controlled environment, such as a testing or Pre-Production Environments. Ensure patches are tested for functionality, compatibility, and potential conflicts with existing infrastructure applications.
Plan and coordinate the test deployment of patches across the customer assets and applications. This involves creating deployment schedules, coordinating with system administrators and application owners, and monitoring the progress of patch installations.
Collaborate with information security teams and IT Security teams to identify vulnerabilities in customer systems and prioritize patches based on risk assessments.
Review the reports on patch management activities, compliance status, and key performance indicators (KPIs) for management review.
Collaborate with various stakeholders, including IT teams, information security teams, vendors, and business units, to gather requirements, communicate patch schedules, and address concerns.
Oversee the execution of patch update deployments, closely monitoring progress and addressing any issues or roadblocks that may arise. Ensure that deployments are conducted according to the defined plans, with minimal disruption to end-users or to service performance and availability.
Create the test plan for testing OS patching/upgrades and application patching/upgrades.
Create detailed test cases covering all functionalities, deployment, performance, and system stability (pre-upgrade, upgrade, and post-upgrade scenarios, new functionalities, existing workflows, and integrations).
Document the test results and update the KBs.
Participate in and recommend improvements to policies, processes and procedures, and manage their implementation.
Min of 3-5 years of experience in IT infrastructure and patch management on Windows, Linux and Mac machines.
Experience with ITSM/ITIL methodologies.
Ability to identify and analyze problems quickly, recommend and implement flexible creative permanent solutions.
Demonstrates ability to effectively organize and manage multiple tasks as projects, ensuring completion to meet deadlines.
Strong analytical, problem-solving skills, attention to details and the ability to work independently.
Strong facilitation and executive communication (written and verbal) skills required, excellent verbal presentation skills.
Strong hands-on experience on Windows and Mac operating systems and technologies.
Solid understanding of technologies that support the services offered.
Willing to learn and apply new technologies and methodologies to improve the technology that supports the services.
Network Access Control (NAC) Engineer
OEM: HP Aruba ClearPass
Job Description: Security Engineer – L1
- Experience/trained on HP Aruba ClearPass Policy Manager
Upgrades and configurations to support NAC Support team on maintaining all NAC support activities
Knowledge of RADIUS
Experience working with Red Hat Linux
Experience working with 802.1x NAC
Experience in networking design and concepts to include TCP/IP, switching, routing, firewalls, virtual route forwarding and VLANs.
Active Directory/LDAP Experience
Experience with firewall technologies: Cisco, Checkpoint
Hands on Skills:
Hands on experience on HP Aruba ClearPass.
Experience with firewall technologies: Cisco, Checkpoint.
Hands on experience on any ticketing tool
Hands on experience on reporting
Min of 3-5 years of experience in IT infrastructure
IT Asset Management:
OEM: Everest
Job Summary:
IT Asset Management & Support is responsible for managing the organization's IT assets and providing technical support to ensure the efficient operation of IT systems. This role involves tracking and managing hardware and software assets, ensuring compliance with licensing agreements, and providing technical support to end-users. The ideal candidate will have a strong understanding of IT asset management, excellent problem-solving skills, and the ability to work in a fast-paced environment.
Key Responsibilities:
IT Asset Management:
Track and manage IT assets, including hardware, software, licenses, and warranties.
Maintain an accurate and up-to-date inventory of IT assets.
Ensure compliance with software licensing agreements and company policies.
Coordinate with vendors for procurement, maintenance, and disposal of IT assets.
Conduct regular audits of IT assets and reconcile discrepancies.
Technical Support:
Provide technical support to end-users for hardware, software, and network-related issues.
Troubleshoot and resolve technical problems in a timely and efficient manner.
Assist in the setup, configuration, and maintenance of IT equipment.
Manage user accounts and permissions in various systems.
Document technical issues and resolutions in the helpdesk system.
Privilege Access Management Engineer
OEM: Sectona
Key Responsibilities:
Operating with cloud platforms, container technologies, APIs and event-driven automation
Strong hands-on architecture, engineering, or operations experience with Privilege Access Management (PAM) products
Deploy and manage PAM solutions to ensure secure and compliant access to privileged accounts.
Configure and maintain JIT access protocols to enhance security while minimizing risks.
Oversee Dynamic Privilege Administration processes to ensure that permissions are granted appropriately based on user roles and responsibilities.
Ensure that PAM practices comply with SOX and other relevant regulatory requirements.
Conduct regular audits and assessments of privileged access management processes and recommend improvements as necessary.
Identify, analyze, and respond to security incidents involving privileged accounts.
Work with cross-functional teams to develop risk mitigation strategies and improve overall security posture.
Develop and maintain comprehensive documentation related to PAM policies, procedures, and configurations.
Generate and present reports on PAM activities, compliance status, and security incidents to stakeholders.
Lead and perform changes to the solutions, removing any unnecessary services that may pose security risks
Understand the risks and impact to systems in our corporate environment, considering their interconnectivity
Develop enterprise-grade high-availability solutions, running sophisticated arrangements of operating systems, including system updates, log analysis, access controls, and backup
Experience leading the engineering, implementation, and maintenance of solutions throughout the enterprise, according to policy and risk assessments
Demonstrated experience in integrating and maintaining PAM solutions on an enterprise scale, ensuring a comprehensive and detailed approach
Excellent verbal and written communication skills, enabling you to collaborate successfully with other groups and effectively convey sophisticated technical concepts
Strong ability to handle evolving and complicated objectives, adapting to changing circumstances and successfully implementing, managing, and maintaining solutions
Vulnerability Management Engineer
OEM: Rapid 7
Key Responsibilities:
Understanding of various IT technologies (IT infrastructure and application level)
Hands on experience in assessing and evaluating vulnerabilities with understanding of the issue, inform respective IT Technology Owner and provide guidance on recommended action and monitor the execution.
Utilizing CVEs, collecting and processing information from vulnerability databases.
IT general knowledge, principles of software development and understanding of web technologies, APIs, etc.
Working with leading industry products and services (e.g. Qualys, Rapid 7, Nessus, Security Scorecard, BitSight, ServiceNow, etc.).
Assessing and evaluating cloud-based solutions and cloud services.
Application Performance Monitoring Engineer
OEM: Everest
Job description
Manage incident resolution against established SLAs. Maintain detailed and up-to-date documentation of issues, resolutions of the solution procedure.
Key Responsibilities:
Strong written and verbal communication, interpersonal, presentation, client service and business writing skills.
Hands on experience with APM (Application performance monitoring)
Implement Application Performance Monitoring (APM) solutions
Strong troubleshooting skills, effective server resource management, and database management knowledge (SQL and NoSQL databases)
Experience with Linux and Windows servers
IT operations skills, including troubleshooting, server management, database management, network troubleshooting (e.g., DNS management, SSL certificates, domain management).
Experience with monitoring, APM, and alerting tools
DLP-Data Loss Prevention Engineer
OEM: GTTB
Key Responsibilities:
Design, implement, and manage enterprise data loss prevention solution (Email, Endpoint and Cloud)
Deploying and configuring DLP solutions and tools to monitor and protect data across an organization's network, endpoints, and cloud environments.
Developing DLP policies and rules that define how data should be handled and protected, including identifying sensitive data types and their allowable use.
Data Discovery, Scanning and identifying sensitive data within an organization, classifying it, and creating an inventory of sensitive data assets.
Perform regular DLP Discovery scans and audits to identify and address any security gaps, and monitor DLP alerts generated through the ticketing system and DLP technologies to triage, investigate, and resolve DLP incidents.
Work with Vendor to troubleshoot Platform issues. Plan and rollout DLP upgrades for console and agents
Participate in continuous improvement processes to drive efficiencies and automations.
Ensuring that the organization complies with data protection regulations and industry-specific standards by implementing DLP controls.
Identifying data security risks and vulnerabilities and developing strategies to mitigate them, and staying up to date with the latest threats, vulnerabilities, and trends in data security and DLP technologies.
Secondary responsibilities will also include managing EDR, CASB and other security devices
Packet capture (PCAP) Engineer
OEM: Vehere
Job Description:
As a Security Engineer working in a Managed Security Center (SOC), you will be responsible for managing the security environment consisting of network behavioral anomaly detection.
Key Responsibilities:
• Proven knowledge of incident forensics and correlation of packets captured using Vehere product
• Generate various dashboard views
• Develop reports for customers
• Good understanding of TCP/IP and UDP
• Good understanding of general security products and controls
• Good understanding of SOC/security management workflows in enterprise organizations.
• Experience in customer-facing roles.
• Strong Application / Operating System / Networking troubleshooting skills
• Good Analytical & development skills.
• OS expertise (Linux, RHEL, CentOS)
• Excellent oral and written communication skills.
• Analyze captured network traffic and conduct incident forensics.
• Manage Backup, Archiving and Restore of PCAP data.
• Generate reports and highlight compromises
• Maintain and update the tool.
Active Directory-Management Windows Engineer
OEM: Open Text
Job Description:
Technical Support Specialists are responsible for providing exceptional technical support on OpenText products. As a Technical Support Specialist, you will reproduce, troubleshoot, and resolve customer issues. You will identify defects and escalate to OpenText Product Engineering, and test software patches for customers. You will be recognized by your peers as an expert in your chosen product area. This position offers you an opportunity to learn exciting technologies and exercise critical and creative thinking. Our strong team-based environment ensures that our team members support each other to deliver excellent Customer Experience.
Key Responsibilities:
Strong understanding of AD Attributes, LDAP Queries, PowerShell Scripting to Modify AD Attributes, Group Policy Analysis, GPO Configuration & Item-Level Targeting, Workstation Configurations, Browser Configuration Settings, familiarity with VMView and other Applications that integrated with Active Directory
Strong knowledge of permissions that are granted natively to various Microsoft Built-In Groups to perform Active Directory Administrative Functions, knowledge of native permissions granted when building AD objects, knowledge of permissions granted natively to Built-In Groups via GPOs and/or Local Policies
Thorough functional understanding and ability to configure Active Directory Server Roles (CAs, IIS, File/Print, DNS)
Working knowledge of GPOs, AD Sites, Replication Topology, and native AD troubleshooting tools
The Active Directory Engineer will plan, support, implement and design a directory synchronization system for Microsoft Active Directory and Windows-based systems across the enterprise, including directory and identity management solutions
Implementation of Business driven changes, Configuration of Group Policies and Integration of AD Management tools/services
Analysis, design and implementation of Active Directory and Identity Management solutions
Independently manage and perform engineering lead role for large scale Active Directory with manage tool and Identity Management projects
Analyze current Active Directory environment to identify both technical and operational challenges and develop solutions for improvement
Analysis, design, capacity planning and implementation of Active Directory Security
Endpoint Detection and Response (EDR) Engineer
OEM: Cisco
Key Responsibilities:
Project and delivery management experience 2+ years EDR administration including hands on working with EDR tools performing requirements gathering, deployment, configuration, and conducting threat hunting & with operational information security disciplines (e.g. incident response, security infrastructure management, or monitoring services)
As an Endpoint Detection and Response (EDR) Tools Engineer, the candidate will be part of the internal team responsible for deploying, operating, and maintaining the global EDR platform. The candidate will provide support for EDR tools in the environment. The candidate must be able to communicate with the Security Operations and Incident Response teams to identify adjustments and modifications to be made to the EDR toolset.
Lead and oversee deployment, operation, and maintenance of the global EDR platform
Provide support response to other security teams in respect to the EDR platform
Identify adjustments and modifications for configuration
Identify new opportunities for tools to incorporate into the EDR platform
Work with cross-functional teams to identify the right mix of processes and technology to implement solutions to support the needs of the internal and external customers.
Continually work on the optimization of EDR and integrated solutions, including refinement of data produced, development of automated workflows or playbooks, and integration of the EDR data with complementary security solutions, including SIEM, SOAR, etc.
Establishing technical processes and tools focused on the incident response lifecycle: Preparation; Detection and Analysis; Containment, Eradication, and Recovery; and Post-Event Activity.
Work to integrate cybersecurity data using enterprise or custom data aggregation and analysis tools and similar complementary security solutions.
Manage projects to completion both individually and in a group as well as mentoring others and orchestrating team efforts for problem solving
Serve as an escalation point to triage and remediate security events in a SOC environment by leveraging data collected from security solutions.
Provide support in an operations and maintenance role, including ticket work information updates, issue responses, and remediation.
Provide content on deliverables, including written reports and technical documents, SOPs and configuration guides, and training and briefing materials
Collaborate and consult with peers, colleagues, and managers, etc. to resolve issues and achieve goals
Daily security activities related to the protection of corporate and other federal assets including scanning tools and ticketing systems documenting the identification and remediation process for identified system flaws
Provide information to system owners about flaws identified within the systems that group is responsible for.
Assist in risk assessment duties including reporting and oversight of remediation efforts
Research, analysis, and response for alerts; including log retrieval and documentation.
Conduct analysis of network traffic and host activity across a wide array of technologies and platforms.
Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
Enterprise-level experience managing the remediation of vulnerabilities in two or more of the following areas:
Server / system Operating Systems (Windows, Red Hat, CentOS)
Network (Cisco, Fortinet, Palo Alto, F5, McAfee)
Storage
Manage multiple projects with various priority levels and timelines from start to finish
Develop and maintain accurate documentation for internal procedures and services
Maintain knowledge of outstanding vulnerability management issues and ensure remediation timelines are completed by required guidelines
Thorough understanding of how to calculate CVSS v2 and v3 adjusted scores
Must collaborate with other departments to resolve complex issues and be detail oriented
Identity Access Management Engineer
OEM: Cymmetri
Overview:
We are seeking a highly skilled and experienced IDAM Solution Expert to join our team. The ideal candidate will have a deep understanding of identity and access management principles, technologies, and best practices. You will be responsible for implementing, and managing our organization's IDAM solutions, ensuring secure and efficient access to critical systems and data.
Key Responsibilities:
Implementation and Configuration:
Configure and deploy IDAM solutions, including identity providers, identity stores, and access management tools.
Integrate IDAM solutions with various systems and applications, ensuring seamless user experience and security.
Configure access controls, role-based access control (RBAC), and privilege management policies.
Security and Compliance:
Implement strong security measures to protect sensitive user data and system access.
Stay up-to-date with industry best practices and security standards.
Conduct regular security audits and vulnerability assessments.
Troubleshooting and Support:
Diagnose and resolve IDAM-related issues, providing timely and effective solutions.
Provide technical support to end-users and IT teams.
Manage IDAM projects, including planning, execution, and monitoring.
Collaborate with cross-functional teams to ensure successful project delivery.