Cyber security engineer iPosted: June 15, 2022, 1:33 p.m. - Full Time - Bengaluru
It’s an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc. magazine’s Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently simple, scalable, and reliable for everyone. Infoblox customers are among the largest enterprises in the world and include 70% of the Fortune 500, and our success depends on bright, energetic, talented people who share a passion for building the next generation of networking technologies—and having fun along the way.
We are looking for Cyber Security Engineer to join our Cyber Security team in Bangalore, reporting to the manager of Cyber Security Engineering. In this role, you will ensure business solution designs meet security and compliance mandates, participate in vulnerability and penetration testing, and provide security-related feedback on the design and implementation of on-prem and cloud applications. You will work with external penetration testing firms on exploitative tests of critical services and perform internal validations to work with development engineers to reduce risk.
You are the ideal candidate if you are an experienced, highly motivated cyber security engineer interested in learning new technologies and staying up to date with the cyber threat landscape. You work well in a highly dynamic environment, along with peers and senior security analysts, to research and assess vulnerabilities, threats, and attacks on multi-cloud infrastructure and SaaS products and services.
What you’ll do:
Conduct cloud infrastructure and application vulnerability assessment in an agile cloud development environment using open source and commercial tools
Validate and triage identified vulnerabilities and application security defects
Track remediation efforts of triaged vulnerabilities to their completion
Contribute to the development and maintenance of vulnerability management tools and CI/CD integrations
Provide technical documentation to development teams describing vulnerabilities and impacts
Create and maintain vulnerability management and penetration testing processes, standards, and recommendations documentation
Perform penetration testing of web applications, APIs, thick clients, mobile applications, on-prem, and SaaS services following OWASP methodologies
Research and develop proof of concepts on publicly available exploits for known/0Day vulnerabilities
What you’ll bring:
Minimum 3 years of experience in vulnerability management and penetration testing
Hands-on experience managing vulnerability scanning tools, container and dependency (OSS libraries) scanning tools, Docker and Kubernetes, security administration in AWS and Azure, CI/CD and DevOps Tooling (Git, Jenkins, CircleCI), and infrastructure as code tools (Ansible, CloudFormation, Terraform)
Experience in agile methodologies with secure software development life cycle involving SAST and DAST tools (Coverity, CodeQL, SonarQube, Contrast)
Knowledge of network security technology in areas of firewall, IPS, VPN, gateway security solutions (reverse proxies, WAF), DNS security, DoH, and DoT
Experience working with a POSIX system, such as Linux or macOS
Familiarity with Shell Scripts, Python, or Golang is a major plus
Good understanding of cyber security frameworks like OWASP, SANS, NIST, CIS, etc.
One or more security certifications, such as CEH, CISA, GSEC, OSCP, CISSP, etc.
Excellent verbal and written communication skills with strong attention to detail
MS/M.Tech or BS/B.Tech in computer science or related field, or equivalent work experience required
Apply directly at - http://app.jobvite.com/m?3SKbsmw6