Cyber Security Engineer - Vulnerability Management

Job Description : Location : Bangalore (2 days in ITPL Whitefield, Bangalore & 1 day in Decathlon Anubhava, Bangalore) Way OF Working : 3 days from office Mandatory Skill : - Technical knowledge of at least one major public cloud like AWS, GCP, Azure etc- AWS is Preferred - Experience of vulnerability assessments, Penetration Testing, Web, Mobile Application & API pentest, identify access management etc - Implementation On SSDLC ( Secure software development Lifecycle) - Experience with Secure Code Review Tools such as Synk is a must have. - Devsecops experience is Preferred Responsibilities : - Support Decathlon Digital teams by helping them integrate Cybersecurity from the solution choice and design phases - Create security guidelines allowing teams to implement good practices within their scope - Take part in cybersecurity architecture reviews of Decathlon infrastructures, platforms and applications - Explore innovative Cyber topics, having an impact on the Decathlon business such as Artificial Intelligence. - Provide technical contribution to risk analyzes in collaboration with the teams responsible for the scope and our Risk Management team - Detect and qualify security vulnerabilities encountered in your daily life and propose remediation plans in collaboration with the teams in charge of the area concerned - Share your knowledge of cybersecurity with your team and more broadly, with Decathlon Digital teams - Ensure technological monitoring to guarantee the security of Decathlon's information system. Technical scope (Must have) : - Solid understanding of public cloud technologies with hands-on technical knowledge of at least one major public cloud like AWS, GCP, Azure etc. - Hands on experience of vulnerability assessments, Penetration Testing, Web, Mobile Application & API pentest, identify access management etc. - In Depth Knowledge of using Burpsuite, Metasploit, ZAP, Wireshark etc - Experience with VAPT using Qualysguard and Nessus. - Experience with security tools like Prisma Cloud etc is a must have. - Develop, implement, and maintain the SSDLC framework across all software development projects. - Proven ability to lead and manage incident response efforts. - Network: interconnection, VPN, PAM, WAF, Proxy and Load Balancing. - Conduct Architecture and Design review to provide guidance and security assurance around best practices and frameworks. - Work closely with the DevOps teams and share security insight - Experience with Secure Code Review Tools such as Synk is a must have. - Testing and Techniques - ZAP, Wireshark, Sonarqube, Metasploit etc. - Ability to document risks, security controls and evidence to ensure compliance (ref:hirist.tech)

Location: bangalore, IN

Posted Date: 11/25/2024