Senior Information Security Engineer @ BCD Travel

Job Description

As a Senior Information Security Engineer, you will be responsible for ensuring the security and integrity of our organization's data assets. You will work closely with cross-functional teams to design, implement, and maintain data security solutions that protect against unauthorized access, data breaches, and other security threats Responsibilities Develop and implement data security policies, standards, and procedures to safeguard sensitive information. Create, develop, and implement solutions to address infrastructure and security requirements. Conduct regular security assessments and audits to identify vulnerabilities and recommend remediation measures. Drive Cloud Security Posture Management to address issues related to Config, Network, Identity, and Infrastructure Vulnerabilities. Collaborate with IT (Information Technology) and development teams to integrate security controls into data storage, processing, and transmission systems. Monitor and analyze security. events and incidents, and respond promptly to mitigate risks and minimize impact. Manage access controls and user permissions to ensure appropriate levels of data confidentiality, integrity, and availability. Stay ahead of emerging threats, vulnerabilities, and security technologies, and recommend proactive measures to enhance data security posture. Participate in incident response activities, including investigations, forensic analysis, and post-incident reviews. Communicate effectively with stakeholders, including senior management, to provide updates on data security initiatives, risks, and compliance requirements. Requirements Bachelor's degree in computer science, Information Technology, or a related field. Master's degree preferred. At least 4-7 years of experience in data security engineering or a related role. Availability required for the role: 3 PM to 12 AM. Strong understanding of data security principles, best practices, and regulatory requirements (e. g., HIPAA (Health Insurance Portability and Accountability), GDPR (General Data Protection Regulation), CCPA). Hands-on experience with data encryption technologies (e. g., AES, RSA, SSL/TLS), cryptographic protocols, and key management systems. Experience in managing network and security devices (i. e., Firewalls, IDS/IPS, SIEMs, AVMalware sandboxes, VPNs, vulnerability scanning tools, network taps, etc. ). Familiarity with DevOps tools, processes, and CI/CD systems. Proficiency in security assessment tools and techniques, such as vulnerability scanning, penetration testing, and security log analysis. Experience with cloud security platforms and services (e. g., AWS, Azure, GCP) and their native security controls. Familiarity with DevOps tools and processes, and CI/CD systems. Excellent analytical and problem-solving skills, with the ability to assess complex security risks and propose effective solutions. Effective communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Relevant certifications such as CISSP, CISM, CEH, or CCSP are a plus. This job was posted by Rashmi Seshadri from Sciometrix

Employement Category:

Employement Type: Full time
Industry: Others
Role Category: Others
Functional Area: Not Applicable
Role/Responsibilies: Senior Information Security Engineer

+ View Contact

Keyskills:   Network Security Firewalls IDSIPS Vulnerability Scanning Penetration Testing AWS Azure GCP CISSP CISM CEH CCSP Data Security Engineering Data Encryption Technologies Cryptographic Protocols Key Management Systems SIEMs AVMalware Sandboxes VPNs Vulnerability Scanning Tools Network Taps DevOps Tools CICD Systems Security Assessment Tools Security Log Analysis Cloud Security Platforms