Senior Security Engineer
Crimson Panda2 - 4 years Viramgam
We are looking for an ambitious and experienced security expert. Reporting to the Security Manager you will take responsibility for leading and enhancing our cyber security. The ideal candidate will understand the security risks, attack vectors and weaknesses for a gambling industry entity. Your focus will be on both internal and external security matters, bringing awareness and education to the organisation while supporting our organisation on all things security.
- Analyze threats and vulnerabilities to determine security impact and advise on remediation steps
- Help developers employ Secure Development Lifecycle to the code and components of application by performing threat modelling, architecture reviews and code reviews
- Assist Security team with ISO27001, ISO27701, ASVS, OWASP SAMM standards compliance
- Perform penetration testing of native applications (mobile and desktop), web applications and public APIs
- Provide input to product requirements/designs to address security issues and weaknesses
- Proactively detect and respond to risks, threats and incidents
- Work with SIEM system and create new data sources, correlation rules, metrics and alerting rules.
- Provide input and effort on policies and procedures throughout the Security infrastructure.
- Automate routine and time-consuming tasks
- Help with Implementation and configuration of DLP system
- Participate in continuous improvement of infrastructure and cloud services security
- Advanced knowledge of CIA triad, risk management, data privacy, security concepts and technologies
- Fluency with OWASP Top 10
- Excellent knowledge and experience of NIST, ISO27001, ISO27002, ISO27701 and GDPR.
- Deep understanding of security principles within AWS
- Knowledge of scripting languages (e.g. Python, Bash, etc)
- Knowledge of CI/CD pipelines and tools, and integration with SAST/DAST, Container security
- Microsoft cloud products stack - AzureAD, Office365, Intune, DLP
- Experience with forensic analysis
- Effective facilitation and conflict resolution skills - must be able to facilitate discussion of multiple approaches and drive resolution
- Experience with DevSecOps methodology
- Experience with Kubernetes Security
- Experience with Kali Linux tools, Burp suite, OWSAP ZAP
- Experience in online gambling environment
- Industry recognized certifications and attestations related to cloud security and penetration testing
DeliverHealth Solutions simplifies EHR and revenue cycle complexities, so providers can spend more time caring for patients and less time on documentation and technology. With clients and operations in five countries, decades of health information management, and hundreds of EHR Go Live deployment experiences, DeliverHealth offers solutions across multiple specialties in hospitals, health systems, and physician groups.