Senior Information Security Engineer (Linux, Cloud)
Hyderabad India
Model N
Model N's leading cloud-based revenue management solutions for high tech and life sciences industries allow companies to impact their top-line. Maximize every revenue moment.Sr. Information Security Engineer will be a critical and high-impact individual who will work closely with several key individuals and teams and will be part of security engineers and architects who demonstrate superb technical competency, delivering mission-critical infrastructure and ensuring the highest levels of availability, performance, and security across our enterprise. Qualified candidates will have a background in Information Security, Security Incident Management, Security Operations, Threat Management and Engineering.This role reports into the Global Information Security Officer & DPO and will maintain strong relationships with all line-of-business technology groups.
Job Responsibilities:
- Administer Linux systems for Security vulnerability remediation.
- Administer and configure AWS cloud services for remediating security vulnerabilities.
- Investigate security alerts and identify a security resolution.
- Create security automation jobs on automation systems like Jenkins, ArgoCD and Ansible.
- Receiving and responding to cyber security alerts and security incident reports.
- Actively calling and leading security incident bridges and coordinating internal incident response efforts between first responders, and operations teams, and managed security services.
- Configure, support and manage SIEM and related tools, processes and procedures.
- Overseeing the incident management process and team members involved in resolving the incident.
- Collecting intrusion artifacts (e.g., source code, malware, trojans) and using discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
- Coordinating and providing expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
- Defining information system security requirements and functionality.
- Producing formal and informal reports, briefings, and direct input to the customer.
- Support Model N business teams to achieve and maintain their security and compliance posture in accordance with regulatory requirements including but not limited to Sarbanes Oxley (SOX), SOC, ISO 27001, ISO, HIPAA, PCI-DSS, HITRUST, FedRAMP, etc. Validate on-going compliance of policies and processes/procedures in support of requirements and ensure that controls operate effectively.
- Responsible for quality and on-time execution of periodic audit activities such as change management review, SDLC review, audit of release process and CI/CD, Segregation of duties etc.
- Review architecture, integrate compliance and security into solution designs, assess risks of security gaps, and develop remediation plan. Perform follow-up activities related to remediate gaps, drive remediation efforts.
- Thorough understanding of the latest security principles, techniques, and protocols
- Can communicate to senior leaders, provide recommendations, and excels at gaining multi-team alignment.
- Knowledge of industry best practices for foundational security elements including network devices and system-level hardening
- Serve as point of contact to work closely with cross functional teams - Engineering/ product security/ IT/ corporate security teams to identify risk to the business/ product and other areas necessary to identify risks to the business.
- Display technical excellence in Cloud Native technologies as well as multidisciplinary capabilities in coding, and networking.
- Be able to map technical controls to the risk they solve and help create business justification for the necessary technical solutions
Job Qualification
- 5+ years of experience in Information Security, Security Architecture, Threat Management and Security Operations.
- Cloud security essentials in at least one of AWS, OCI, or Azure.
- Drive security vulnerability remediation on cloud assets.
- Configure AWS services for attaining security best practices and CIS benchmarks
- Broad security subject matter expertise in areas such as network security, endpoint security, malware analysis, reverse engineering, and cloud etc.
- Experience with a SIEM and SOAR platform.
- Experience with building incident response tooling and scripting language skills.
- Must have experience supporting and driving ISO 27001, SOC, PCI DSS readiness and audit (e.g., control design review, control operating effectiveness audit, assessment write -ups and control documentation review, audit evidence upload, supporting audit walkthroughs with auditors, etc.)
- Certification preferred (but not a requirement) in one or more of the following: CISA, CISM, Cloud platforms.
- Expert communicator with a track record of operating, partnering with and influencing up to and including exec-level stakeholders.
- Ability to organize, conduct and drive meetings and outcomes with little to no manager involvement. Must be aware of and deliver quality stakeholder engagement experience.
- Ability to work closely with auditors, regulators, and internal stakeholders and articulate technical concepts
- Ability to multitask and manage simultaneous projects
We’re constantly growing and may have something for you later on if this is not the right opportunity for you. Check out our career site to learn more about Model N or view other jobs: https://www.modeln.com/company/careers/
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible Automation AWS Azure CI/CD CISA CISM Cloud Compliance Cyber defense Endpoint security FedRAMP HIPAA HITRUST Incident response ISO 27001 Linux Malware Network security PCI DSS Product security Reverse engineering Scripting SDLC SIEM SOAR SOC SOX Vulnerabilities
Perks/benefits: Career development Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs