CSG - IT SecOps

Description:

Join GlobalLogic, to be a valid part of the team working on a huge software project for the world-class company providing M2M / IoT 4G/5G modules e.g. to the automotive, healthcare and logistics industries. Through our engagement, we contribute to our customer in developing the end-user modules' firmware, implementing new features, maintaining compatibility with the newest telecommunication and industry standards, as well as performing analysis and estimations of the customer requirements.

Requirements:

Core Skills:

Detail-oriented with strong organizational abilities.

Foundational understanding of security principles.

Excellent communication skills.

Must Have:

Secret Server or BeyondTrust

Tenable

WIZ

Good to Have:

MS Excel

Min Knowledge in Python

Jira

Job Responsibilities:

Technical Expertise:

Privileged Access Management (PAM):

Strong proficiency with Delinea's Thycotic Secret Server/BeyondTrust.

Demonstrated knowledge of Active Directory and networking.

Thorough understanding of identity lifecycle management for privileged and user accounts.

Exposure Management:

Extensive experience with Tenable and Wiz.

Proficient in executing various scans (daily, weekly, ad-hoc, monthly), including PCI Compliance, Web Application Scanning, Vulnerability Management, Attack Surface Management, and Identity Exposure.

Proven ability to coordinate vulnerability remediation efforts with asset owners (identified through Tenable/Wiz/Google Mandiant).

Digital Certificates (DigiCert):

General understanding of digital certificate concepts.

Access Reviews:

Privileged Access Reviews: Familiarity with Google Sheets and Mail Merge, along with a general understanding of Active Directory fields (e.g., nested groups, disabled/expiring accounts, Organizational Units).

AD Termination Reviews: Familiarity with Google Sheets and VLOOKUP commands, and a general understanding of Active Directory fields (e.g., disabled/expiring accounts, Organizational Units).

Security Scorecard - Ground level work experience on issues like:

P1 Issues (Critical):

Ransomware infection detected.

Domain advertised as a ransomware victim.

Malware controller observed or malware infection.

Phishing infrastructure.

Alleged breach incident.

Anonymous open proxy.

Products susceptible to ransomware exploits exposed.

P2 Issues (High):

DB or RDP services exposed to the Internet.

Certificate revoked/expired.

SSH software supporting vulnerable protocols or weak ciphers/MACs.

SSL/TLS service supporting weak protocols or cipher suites.

End-of-Life (EOL) OS/Software.

Critical/High-Severity CVSS v3.0 Vulnerabilities.

Site not enforcing HTTPS.

FTP/Telnet/rsync/VNC/SMB/PPTP services detected.

Adware installation.

Missing SPF record.

P3 Issues (Medium/Low):

Certificate lifetime exceeding best practices or without revocation control.

Malformed SPF record or SPF record containing a softfail without DMARC.

Medium/Low-Severity CVSS v3.0 Service Vulnerabilities.

Missing Content Security Policy (CSP).

Insecure HTTPS redirect pattern or redirect chain containing HTTP.

Website not implementing HSTS best practices.

What We Offer:

Exciting Projects: We focus on industries like High-Tech, communication, media, healthcare, retail and telecom. Our customer list is full of fantastic global brands and leaders who love what we build for them.

Collaborative Environment: You Can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities

Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules, opportunities to work from home, and paid time off and holidays.

Professional Development: Our dedicated Learning & Development team regularly organizes Communication skills training(GL Vantage, Toast Master),Stress Management program, professional certifications, and technical and soft skill trainings.

Excellent Benefits: We provide our employees with competitive salaries, family medical insurance, Group Term Life Insurance, Group Personal Accident Insurance , NPS(National Pension Scheme ), Periodic health awareness program, extended maternity leave, annual performance bonuses, and referral bonuses.

Fun Perks: We want you to love where you work, which is why we host sports events, cultural activities, offer food on subsidies rates, Corporate parties. Our vibrant offices also include dedicated GL Zones, rooftop decks and GL Club where you can drink coffee or tea with your colleagues over a game of table and offer discounts for popular stores and restaurants