Senior IT Security Engineer // Mumbai // 5 - 10 Yrs

Mumbai, Maharashtra
Permanent
Full-time

5 days ago

Job Description :About the Company:The client is the captive technology arm of a leading German-headquartered global insurance group. With a substantial international footprint, this financial services giant operates across more than 50 countries and employs a workforce exceeding 50,000 professionals. To deliver seamless IT solutions and support its extensive worldwide operations, the company established a dedicated technology hub in India, strategically located in Hiranandani Gardens, Powai, Mumbai. This center is crucial for the group's global technology strategy.Location: Mumbai
Designation: Senior IT Security EngineerExperience: 5-10 YrsRequirementsKey Responsibilities:· Administration of data and application security technologies· Creating, refining, and managing security rules and policies within the data and application security technologies to protect the company from web based cyber threats and vulnerabilities· Monitoring web traffic, analyzing security logs, and taking action against unusual activities· Collaborating with application development and security teams to integrate, configure and optimize the data and application security technologies· Responding quickly to security incidents, collaborating and supporting the incident response teams· Ensure that data and application security technologies are integrating with threat intelligence feeds to enhance protection against emerging risks· Continuously optimizing tool & technologies performance, minimizing latency for seamless user experience· Ensure the uptime of tool & technologies· Working with ServiceNow ITSM tool for incident, service request, change request, patch update or other operational activitiesRegularly updating the various operational documents, which include configuration document, knowledge base, rules, procedures, diagrams, asset inventory, etc.Technical Skills:· Experience with securing applications in cloud environments (e.g., AWS, Azure, Google Cloud)· Ability to identify potential threats and design countermeasures during the software development lifecycle (SDLC)· Ability to identify, prioritize, and remediate vulnerabilities using tools like Tenable Nessus· Understanding of HTTP/HTTPS protocols, RESTful APIs, and GraphQL security· Understanding of web application security principles and common vulnerabilities (OWASP Top 10)· Understanding of network protocols, firewalls, and how they relate to application security· Understanding of integrating security into CI/CD pipelines (e.g., Jenkins, GitLab CI)· Knowledge of authentication (OAuth, JWT) and session management best practices· Knowledge of container security (e.g., Docker, Kubernetes)· Familiarity with encryption standards (e.g., AES, RSA) and secure key management practices

Familiarity with Infrastructure as Code (IaC) security

Benefits

2COMS

Apply Now