SAP Product Security Specialist 

India, Karnataka, Bengaluru 

994818065

What you'll do

• Keep ISBN assets secure, ensure that proper security guidelines are followed by operations teams.
• Perform security reviews, evaluate security posture of various infrastructure elements such as network, hosts, containers etc.
• Ensure that all ISBN assets are scanned for the vulnerabilities, analyze, and adjust scanning scope as needed.
• Assist in troubleshooting, diagnosing, and resolving vulnerabilities
• Review and enhance security policies that are relevant to the vulnerability management
• Align with various teams to ensure that vulnerabilities and any security deficiencies are remediated within pre-defined SLA’s to limit potential compromise.
• Support exception and risk management processes, by documenting security exception requests and risks as needed.
• Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details to assess and recommend security control improvements or identify mitigating controls
• Assist with remediation of control deficiencies identified during the audit process.
• Ensure communication and escalation of security activities to leadership, assist in the development process and operating procedures
• Assist with the reporting relevant to various ISBN Security Operation areas.
• Assist in standard device hardening guidelines and policies.
• Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements
• Review and enhance on premise and cloud-based image creation process, to ensure compliance with security requirements.
• Participate in the Security Incident Response Team (SRT) activities as needed, helping SRT to detect, respond, contain, eradicate, and recover from security incidents in a timely manner, within the Cloud Operations and Corporate IT environments
• Support Customer, Internal and External Penetration testing requirements, assist with the vulnerabilities remediation resulting from the tests.

What you bring

• 2-3 years’ professional experience involving security, vulnerability management, risk management, compliance, and privacy of non-public personal data
• Understanding of various cloud environments (GCP, AWS, Azure) security posture and vulnerability management.
• Experience with IT security and privacy risk assessments and audits of IT general security controls
• Knowledge of Mitre and Cyber Kill Chain methods
• Vulnerability scanning experience (network, operating systems, applications, database,containers)
• Experience on Web Services
• In-depth experience in medium to complex computing environments, with advancedexperience working with virtual machines and containers (Docker, Kubernetes)
• Good working knowledge of infrastructure security concepts including firewalls, DMZs, intrusiondetection/prevention systems, network security, application security concepts, passwordmanagement, RBAC, access provisioning, SIEM and OWASP a plus
• Experience with the phases of the software development lifecycle
• Experience with common vulnerability scanning and penetration testing tools
• Knowledge of common computer security issues, including network and application vulnerabilities
• Knowledge of Linux and its security a plus
• Post-secondary qualifications involving technical analysis, financial services, problem solving, andwriting
• Thorough understanding of computer networking, routing, and protocols

​

Job Segment:Cloud, ERP, Network Security, Compliance, Testing, Technology, Security, Legal