Xpetize - Information Security Engineer

About the Role : We are seeking a skilled and proactive Information Security Engineer to join our cybersecurity team. This role involves planning, implementing, and maintaining security measures to protect enterprise systems, networks, and data against internal and external threats. Youll work cross-functionally with IT, DevOps, and Compliance teams to ensure secure architecture and operations across the organization. Key Responsibilities : - Design, implement, and manage security solutions to safeguard information systems and data. - Monitor security infrastructure, logs, and systems using SIEM tools; respond to alerts and incidents promptly. - Conduct regular security assessments, vulnerability scans, and penetration tests. - Perform security investigations and forensic analysis on cybersecurity events. - Collaborate with DevOps/Cloud teams to ensure secure deployment pipelines and infrastructure. - Manage endpoint protection, firewalls, intrusion detection/prevention systems (IDS/IPS), and data loss prevention (DLP) tools. - Develop and enforce security policies, procedures, and best practices in alignment with compliance standards (ISO 27001, SOC2, HIPAA, GDPR, etc. - Provide input into secure application development practices and review source code for security issues (SAST/DAST). - Lead security awareness training sessions and educate staff on best practices. - Participate in risk assessments and audits; ensure timely remediation of identified gaps. Technical Skills & Tools : Core Security Domains : - Network Security : Firewalls, VPNs, IDS/IPS, VLANs, Zero Trust Architecture - Endpoint Security : EDR tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender) - Cloud Security : AWS/GCP/Azure security best practices, IAM, Security Groups, GuardDuty, CloudTrail, Config - Identity & Access Management (IAM) : SSO, MFA, Role-based Access Control (RBAC) - Vulnerability Management : Tenable, Qualys, Rapid7 - SIEM & Logging : Splunk, LogRhythm, QRadar, Elastic Stack - Data Protection : DLP solutions, encryption (TLS/SSL, AES, PKI), tokenization - Incident Response & Forensics : Playbook creation, log analysis, malware reverse engineering basics - Compliance & Governance : ISO 27001, NIST, PCI-DSS, SOC2, HIPAA, GDPR Preferred Tools/Technologies : - Security automation via Python, PowerShell, or Bash scripting - Container Security : Kubernetes, Docker, Aqua, Prisma Cloud, Falco - Application Security : OWASP Top 10, SAST/DAST tools (Veracode, Fortify, SonarQube) - CI/CD Security : GitHub Actions, Jenkins, GitLab CI security integrations - Email Security : Proofpoint, Mimecast, DMARC/DKIM/SPF configuration Required Qualifications : - Bachelors or Masters degree in Computer Science, Information Security, or related field. - 510 years of hands-on experience in cybersecurity or IT security engineering roles. - Strong understanding of TCP/IP, OSI model, and general networking protocols. - Demonstrated experience with incident response and threat analysis. - Excellent communication and problem-solving skills. - Ability to document technical processes and create SOPs for security operations. Certifications (Preferred but not Mandatory) : - CISSP (Certified Information Systems Security Professional) - CEH (Certified Ethical Hacker) - CISM (Certified Information Security Manager) - CompTIA Security, CySA, or CASP - AWS/Azure Security Specialty certifications Why Join Us? - Work in a security-first culture with cutting-edge technologies. - Engage in impactful projects that directly contribute to organizational resilience. - Continuous learning opportunities and certifications supported. - Flexible and collaborative work environment with a focus on innovation (ref:hirist.tech)

Location: trivandrum, IN

Posted Date: 5/9/2025