Greetings from Netsach - A Cyber Security Company.

We are looking for Cloud Security Engineer /VAPT Cloud Security with 4 to 8years of strong exp. This is a full-time onsite opportunity for Dubai location. 

Mandatory Key Skills – Application Security, VAPT Cloud Security, Security Code review, API security, Platform security, IAST, SAST, DAST, Infrastructure security and Cloud Security – MS Azure. Cloud Security Specialist.

•Tools and Technologies – Expertise in Azure Security Center and Azure Policies, Burp Suite, Nessus, Checkmarx, Kubernetes, Docker, Jenkins, GitHub, OpenShift and good knowledge about micro service architecture and pipeline driven security.

Job Title: Cloud Security Engineer /VAPT Cloud Security

Exp: 4+ to 8yrs

Work Type: Full-Time

Job Location: Dubai - Onsite

Interested candidates please share your resume at emily@netsach.co.in and please register & login at netsachglobal.com and send us your resume.

Job Description

The unit’s primary purpose is to Design, Engineer & eventually Embed practical & balanced cyber / information security principles/patterns/controls into all products and platforms. Conduct security assessments, gap analysis, provide remediation to the relevant squads / stakeholders.

2.Job Purpose (Why does the job exist? What is the unique contribution made by the job holder?)

Primary/General Job Purpose: 

•Encourage ‘Shift Left’ Mindset - Proactively embed security requirements, by influencing implementation of security & privacy patterns from the start of the development cycle

•Implement via Influence - Influence stakeholders such as Product Owners, Solution Architects, Developers,Testers, Engineers & others to include security patterns into features, epics and stories in order to build secure, innovative & superior digital products for customers and employees

•Assessments – Perform security assessment and perform gap analysis to provide appropriate remediations to the teams for implementing the fixes.

Key Skills – Application Security, Security Code review, API security, Platform security, IAST, SAST, DAST, Infrastructure security and Cloud Security – MS Azure.

•Tools and Technologies – Expertise in Azure Security Center and Azure Policies, Burp Suite, Nessus, Checkmarx, Kubernetes, Docker, Jenkins, GitHub, OpenShift and good knowledge about micro service architecture and pipeline driven security.

Experience with following Components:

3.Technical Requirements

Application Security Assessment Skillset

1.Web Application Security

2.Security Code Review

3.Azure and AWS Cloud Security config review

4.Azure Virtual Desktop - AVD Security Review

5.Container Review

6.WAF rules review

Azure Security

Experience with following Components: 

1.Azure Security Center

2.Azure AD RBAC

3.Privileged Identity Management

4.Conditional Access Policies

5.Azure Advanced Threat Protection

6.Azure Information Protection and HYOK

7.Enterprise mobility with Intune MAM and MDM Policies

8.Office365 ATP and Mail-flow

9.Microsoft cloud threat intelligence

10.Microsoft Cloud Application Security – CASB setup and monitoring

11.Windows Defender ATP

12.Policy configuration for Onedrive, Sharepoint, Outlook, Teams and Office Pro Plus

13.Azure AD Hybrid Join and Password Hash Sync

14.Customer Lockbox and advanced compliance policies in Azure cloud

15.AIP Data classification and reviewing DLP policies

Soft Skills:

•Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective

•Holistic thinking; must balance security and functionality using practical demonstr able examples. Must also contribute to and implement “good architecture principles” to lower technical debt

•Assertive personality; should be able to hold her/his own in a project board or work group setting

•Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner

•Ability to work under pressure and meet tough/challenging deadlines

•Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not

Thank You

Emily Jha

emily@netsach.co.in

Netsach - A Cyber Security Company

www.netsachglobal.com