Overall experience of 8+ years, including 5+ years designing and building SaaS offerings and 3+ years as a security technical lead.
Domain expertise in cloud software and infrastructure technologies.
Very good understanding of penetration testing methodologies and exploits (web apps, containers, APIs, databases, operating systems, cloud technologies, etc.).
Ability to communicate highly technical aspects to executives, IT staff, the CISO team, and auditors.
Experience with various scripting languages (Shell, Python, Bash, etc.).
Familiarity with OWASP Top Ten, NIST, CIS and MITRE ATT&CK.
Demonstrated experience in successfully driving and executing compliance programs for common IT security standards and regulations.
Access Management – understand the concepts of need to know, least privilege, individual accountability, privilege access monitoring, access revalidation, etc.
Vulnerability Management – be able to regularly scan your systems and remediate any vulnerabilities found within the required time frames.
Data Protection – understand the types of data your services deal with and have measures in place to protect that data (e.g. encryption, file permissions, etc.)
Configuration Management – understand how to securely harden a system or application upon deployment.
Common Attack Patterns – know the common attack vectors facing the industry (e.g. CWE Top 25 or OWASP Top 10), be able to describe an attack with an example, describe what successful exploitation and its impact look like, and explain what the best-practice remediation is.