Junior Data Security Engineer

Role: Data Security Engineer

Location: Bangalore

Working Hours: Rotational

Working Model: Hybrid

Intro:

Data Security Engineer plays a pivotal role in safeguarding an organization's sensitive data and ensuring that robust security measures are in place to protect against cyber threats and breaches. They work closely with IT teams, management, and other stakeholders to implement effective security strategies and maintain data integrity and confidentiality.

• Encryption and Data Protection: They are responsible for implementing encryption protocols and data protection strategies to secure sensitive data both at rest and in transit. This includes selecting encryption algorithms, managing encryption keys, and ensuring data masking or tokenization where necessary.
• Access Control: Implementing access control mechanisms to ensure that only authorized users and systems have access to specific data. This involves configuring and managing authentication systems, role-based access controls (RBAC), and enforcing least privilege principles.
• Security Audits and Compliance: Conducting regular security audits and assessments to identify vulnerabilities and ensure compliance with data security regulations, industry standards , and internal policies. They work closely with compliance teams to address findings and maintain security certifications.
• Security Awareness and Training: Educating employees and stakeholders about data security best practices, policies, and procedures to promote a culture of security awareness and compliance throughout the organization.
• Emerging Technologies and Threat Intelligence: Staying updated on the latest security threats, vulnerabilities, and technologies. Data Security Engineers evaluate new security tools and technologies and integrate threat intelligence into security operations to proactively defend against evolving threats.

Some of the things you will be doing:

• HashiCorp Vault is widely used by enterprises to enhance security and manage secrets effectively in cloud-native and hybrid environments. It addresses critical challenges related to secrets management, encryption, and access control, making it a cornerstone of modern IT security architectures. 
• Boundary addresses the security challenges associated with remote access to infrastructure and applications by providing centralized, identity-based access controls and session management. It helps enforce least privilege access principles and maintain visibility and control over access activities across distributed and dynamic environments.
• Terraform simplifies and automates the process of managing infrastructure by enabling infrastructure provisioning, configuration management, and deployment through code. It is widely adopted for its flexibility, scalability, and support for multi-cloud, hybrid cloud environments, Vault & Boundary
• Vault Radar is a product that automates the detection and identification of unmanaged secrets in code so that security teams can take appropriate actions to remediate issues.
• Vault Secrets Operator, secrets are accessed as native Kubernetes secrets, but with the advantage of being managed by HashiCorp Vault
• Implementing encryption techniques and data protection methods to safeguard sensitive data both at rest and in transit
• Designing and implementing security measures to protect data from unauthorized access, breaches, malware, and other threats
• Educating and training staff on data security best practices and procedures to enhance overall security posture
• Strong understanding of network protocols, operating systems, and infrastructure security concepts
• Ability to conduct risk assessments and develop mitigation strategies
• Working closely with other IT teams, such as network operations, system administrators, and developers, to integrate security solutions into all systems and applications
• Developing and implementing incident response procedures to handle data breaches and security incidents promptly and effectively
• Knowledge of encryption algorithms, techniques, and best practices.
• Analytical and problem-solving skills to diagnose and resolve security issues
• Ability to work collaboratively in a team environment and lead security initiatives when required
• Manage security integration into the SDLC process at CSC.
• Be productive and participate in security initiatives with minimal supervision.
• Becomes a subject matter expert for security solutions within the CSC platform.
• Use the tools and technologies used throughout CSC InfoSec.
• Own and document medium/large epics and follow through until completion.
• Present security solutions to a larger CSC audience.
• Troubleshoot issues and performance bottlenecks.
• Follow Security best practices.

 What technical skills, experience, and qualifications do you need?

• Prior experience (8+ years) in Data Security or related position.
• Technical Expertise.
• Hashi Corp Vault/Boundary/Terraform/Vault Radar/Vault Operator.
• CI/CD  - Jenkins & Groovy Scripting
• Elastic Search
• VCS - Git/GitHub
• Ansible Automation Platform
• Operating Systems – Linux/Windows
• Cloud Services – Azure/AWS
• Container Services – RHOCP/Kubernetes
• Knowledge in Java/Tomcat/Python/Weblogic/SpringBoot and etc 
• Strong foundation in core information security principles and goals.
• Proven expertise in enterprise security solutions.
• Knowledge of common and emerging security threats.
• In-depth knowledge of security best practices.
• Exceptional analytical aptitude and attention to detail.
• Effective written and verbal communication skills to articulate complex security concepts to non-technical stakeholders Ability to explain complex security topics in simple language.
• Fast learner / a strong willingness to learn.
• Good team player who is self-motivated and well organized.

CSC is a global business, legal, and financial services company based in Wilmington, Delaware, USA, providing knowledge-based solutions to clients worldwide. We have offices and capabilities in over 140 jurisdictions in the Americas, Europe, Asia Pacific, and the Middle East, and more than 8,000 colleagues. We are the business behind business.®

Visit our careers site to learn more about CSC and our commitment to our clients, communities, and each other.

CSC is committed to creating a feeling of belonging through a diverse and growth-oriented environment where everyone is valued.

CSC colleagues have global career opportunities and excellent benefits, including annual success-sharing bonuses or commission plans based on individual performance. To learn more, visit cscglobal.com/service/careers. 

We offer a range of support to colleagues with disabilities, ensuring people have the necessary resources to thrive in their roles. We encourage candidates to work closely with our talent acquisition partners to convey their specific needs. Our commitment to accessibility reflects our broader dedication to diversity and belonging,

CSC only accepts resumes from employment agencies that are part of our approved supplier program. Resumes submitted from other agencies either to talent acquisition, our hiring leaders, employees, or through any other mechanism other than our supplier process, will not be eligible to claim related fees and the submitted resumes will be considered property of CSC.

We encourage candidates to apply directly to our website and not through third-party sources.

Disclaimer: The information above describes the general nature and level of work performed by employees in this role. It is not intended to describe all duties, responsibilities, and qualifications.