Information security analyst

Posted: Feb. 3, 2021, 7:53 a.m. - Full Time - Pune

About the Company

AppDirect is the leading cloud service marketplace company dedicated to revolutionizing the way businesses run. We offer a cloud service marketplace and management platform that enables companies to distribute digital services. The global network of AppDirect-powered marketplaces allows businesses to find, buy, and manage the best applications the cloud has to offer.
With our award-winning platform, service providers can launch a state-of-the-art online application store within a matter of weeks, while developers can integrate once and make their software available across multiple marketplaces worldwide. Our products offer more advanced features and tools than any other competitive solution, putting AppDirect at the forefront of the rapidly evolving market for cloud services delivery.

About You

We’re looking for talented yet humble individuals who are smart, passionate, and want to drive disruption in the Information security industry. If you thrive in a fast-paced, collaborative workplace, AppDirect provides an environment where you will be challenged and inspired every day. If you relish the freedom to bring creative, thoughtful solutions to the table that reflect your experience and personality, there’s no limit to what you can accomplish here.

What you’ll do and how you’ll make an impact:

This individual will work on the Information Security team managing our security controls, while working cross functionally with several other departments to achieve results-fast. You’ll be a member of the 24/7-infosec team. This is an opportunity for an engineer who is familiar with using and securing cloud platforms. Your deep understanding of the discipline of information security will help us meet compliance requirements and address our own and our customers’ risks. You can communicate your knowledge to colleagues, stakeholders, and the community at large. You will provide recommendations for enhancing our platform’s capabilities, while also helping to monitor and secure our own environment and ensure that compliance and audit requirements are met.

What you’ll need:

  • 5+ years in Information Security experience

  • Experience with Amazon AWS services, GCP, IaaS/PaaS/SaaS

  • Experience triaging and understanding the root cause of security bugs

  • Experience in Container/Orchestration like Kubernetes and Docker

  • Experience in building/setting up security tools to automate recurring tasks

  • Expertise in Log Management, Security Event Correlation and any SIEM technology (Splunk and ElasticSearch)

  • Development experience in any programming language (Java, JavaScript, Python/Ruby or GoLang)

  • Experience with vulnerability scanners, vulnerability management systems, patch management, and host based security systems (OSSEC)

  • Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners).

Nice to have:

  • Any Information Security Certification (CISSP, CEH, Security+)

  • Strong background in software development and engineering

  • Demonstrated experience contributing or collaborating with Open Source projects