Network & Infrastructure Security Lead

• Assists with technical direction in designing and implementing security solutions for PSW technical infrastructure and business applications
• Performs day-to-day Information Security functions pertaining to access control on various software products, network, and processes
• Ensure the data security of PSW assets including data encryption, hashing, tokenization, and key management practices that protect data across all applications and platforms
• Protect the trade related data & information that is confidential in nature
• Conduct manual application security testing and source code auditing for a variety of technologies
• Report underlying security issues and recommend enhanced security protections
• Perform incidental response and related duties, as required
• Evaluates and implements security devices such as firewalls, IDS, IPS, threat correlation tools, vulnerability scanning and penetration testing tools, encryption capabilities
• Conduct vulnerability assessment tests/penetration tests to identify any flaws in conjunction with Software Testing team and CTO.
• Perform routine audits to ensure compliance with security policies
• Research and evaluate the latest security products to combat the latest threats
• Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities – where possible identify the persons responsible for security breaches within PSW
• Schedule and oversee conduct of periodic security audits
• Knowledge and hands on with SOC/SOAR, policies implementation on network and systems, identity and access management, securing software development life cycle, DLP, threat and risk management/mitigation etc.
• Any other related duty assigned by the HOD Information Security

Requirements

• Minimum 7 to 8 years of hands-on experience in Data & information security in a large enterprise environment
• Knowledge and understanding of common information security management frameworks, such as ISO/IEC 27001, NIST, OWASP and other standards & practices
• Networking concepts related to TCP/IP, switching and routing, microservices
• Well versed with Linux and virtualization technology (VMWare)
• Understanding of security architecture definitions and its implementation
• Hands-on experience of securing routes, Next Generation Firewalls, IPS, WAF, DNS and Email security, VPN, DDOS mitigation technologies/tools and proxy services
• Experienced in Firewall, IDS/IPS, sandboxes and other security tools and technologies – Fortinet, Huawei, Cisco
• Bachelor’s degree in a technology/engineering/Information Security related field required
• Minimum 7 to 8 years of hands-on experience in Data & information security in a large enterprise environment

Benefits

• Competitive salary
• Fuel Card
• Health benefits
• Professional development opportunities
• Inclusive work culture & much more