Information Security Engineer
- Nagpur, Maharashtra, India
MicroStrategy transforms organizations into intelligent enterprises through data-driven innovation. We match smart people to dynamic projects and technologies that truly challenge their talents. Curious and creative in outlook, our success is built on the talent and energy of smart and driven people. MicroStrategy (Nasdaq: MSTR) is a worldwide leader in enterprise analytics and mobility software. A pioneer in the BI and analytics space, MicroStrategy delivers innovative software that empowers people to make better decisions and transform the way they do business. We provide our enterprise customers with world-class software and expert services so they can deploy unique intelligence applications.
Ideal candidates will be located in Nagpur or within commutable distance, however remote candidates will be considered.
- Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels.
- Support AWS, Azure, and Google cloud operations in securing the public cloud environments.
- Configure and troubleshoot IAM policies, Security Groups, Service Control Policies, Role based access control, and Managed Service Identities.
- Tune-in and configure SIEM performance and events data quality to maximize log correlation efficiency.
- Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks.
- Expertise in shell scripting and other programming languages, such as Python and Power Shell.
- Proficiency in understanding and using regular expressions (regex).
- Solid understanding of REST/SOAP/WSDL/XML (Web Services), HTTP Request Methods.
- Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001Guide the network and operations teams in implementing security best practices.
- Work with network, and systems engineering teams to promote automation, automated monitoring and administration functionality.
- Implement, and support security solutions including but not limited to Intrusion Detection/Prevention, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, Web Application Vulnerability analysis and Configuration Management.
- Develop operational best practice procedural documentation for security operations staff.
- Lead the development and documentation of various systems, policies, procedures, and customer deliverables.
- Research new products and make appropriate recommendations.
- Develop detailed project plans, tasks, timelines and provide verbal and written status reports as needed.
- Conduct on-going security assessments, document, track and drive remediation activities to completion.
- Provide on-call support as needed.
- Able to work core hours of 12:30 pm and 8:30 pm IST.
- Understanding of cloud solutions and cloud security best practices in environments such as AWS and Azure.
- Minimum 5 years of experience supporting enterprise level environments.
- Must have a good understanding of the following: Log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, Log Rhythm, Splunk, etc.), IDS/IPS technologies, Vulnerability Scanners (Nessus, Qualys, etc.) and other related technologies.
- Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc.
- Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX, FedRAMP and etc.
- Working knowledge of firewall and web filtering technologies.
- Experiences practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment.
- Excellent analytical, problem solving and troubleshooting skills.
- Good knowledge and experience designing network, system and application security architectures.
- Ability to efficiently handle multiple projects with shifting priorities.
- Demonstrated ability to anticipate and mitigate risks as well as define architectural solutions.
- Bachelor’s degree in Computer Science, Engineering or related field.
- This is a hybrid position. We work remotely although it may be necessary to come to the office from time to time (customer visits, training, team building events).
- The recruitment process includes online assessments as a necessary first step (English, logic, business design) which we send via email - please check your SPAM folder.