2 Siem Systems Jobs

Position Overview: We are seeking an experienced Security Compliance Engineer Key Responsibilities: PCI DSS Compliance: Ensure that all aspects of our API services meet PCI DSS requirements. Conduct regular assessments, gap analysis, and provide remediation strategies. Security Controls Implementation: Design, implement, and manage security controls across the API development lifecycle to protect sensitive data and ensure compliance with industry standards. Risk Management: Identify potential security risks within the API services and infrastructure. Develop and implement risk mitigation strategies. Secure Code Review: Collaborate with development teams to perform secure code reviews, ensuring that APIs follow secure coding practices and comply with PCI DSS. Vulnerability Management: Conduct regular vulnerability scans, penetration testing, and security assessments on the API services. Work with development teams to remediate identified vulnerabilities. Incident Response: Develop and maintain incident response plans for security breaches related to API services. Lead incident investigations and ensure proper documentation and reporting. Audit Preparation: Prepare and maintain documentation for PCI DSS audits and other security compliance audits. Work with auditors to demonstrate compliance and address any findings. Training and Awareness: Provide training and guidance to development and operations teams on security best practices and compliance requirements. Foster a culture of security within the organization. Collaboration: Work closely with cross-functional teams, including DevOps, IT, and legal, to ensure that security and compliance are integrated into all aspects of the software development lifecycle. Required Qualifications: Education: Bachelors degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISA, CISM, PCI QSA) are highly desirable. Experience: 5+ years of experience in security engineering or security compliance roles. Proven experience with PCI DSS compliance and audit processes. Strong understanding of API security best practices, secure coding, and encryption techniques. Technical Skills: Hands-on experience with security tools such as vulnerability scanners, penetration testing tools, and SIEM systems. Proficiency in security standards and frameworks, including PCI DSS, ISO 27001, NIST, and GDPR. Familiarity with cloud security, particularly in AWS environments, and securing cloud-native applications. Soft Skills: Strong problem-solving skills and the ability to work under pressure. Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders. A proactive mindset with a focus on continuous improvement and staying up-to-date with the latest security trends and technologies. Preferred Qualifications: Experience with DevSecOps practices and integrating security into CI/CD pipelines. Knowledge of data privacy regulations and their implications on API services. Experience working in a fast-paced, agile development environment.,

We are looking for a highly skilled and experienced Cyber Exercise Analyst to join our team in Bengaluru. The ideal candidate will have 2-4 years of experience in cyber security, with a strong background in risk strategy, digital identity, cyber defense, application security, and technology solutions. ### Roles and Responsibility Collaborate with cross-functional teams to develop and implement comprehensive cyber security strategies. Conduct thorough analysis of complex data sets to identify potential threats and vulnerabilities. Develop and maintain detailed documentation of cyber security processes and procedures. Provide expert guidance on cyber security best practices to stakeholders at all levels. Stay up-to-date with emerging trends and technologies in cyber security. Participate in incident response efforts to mitigate the impact of security breaches. ### Job Requirements Strong understanding of cyber security principles, including risk management and compliance. Experience with cyber security tools and technologies, such as SIEM systems and intrusion detection systems. Excellent analytical and problem-solving skills, with the ability to interpret complex data sets. Effective communication and collaboration skills, with the ability to work with diverse stakeholders. Ability to stay current with emerging trends and technologies in cyber security. Strong attention to detail, with a focus on delivering high-quality results. Expert knowledge of red teaming, tabletop exercises, cyber incident response, and threat intelligence processes. Experience in test documentation, red team report creation, threat intelligence report creation, and analysis for red teaming. Skilled in using information technology/security, proficient in writing technical documentation including manuals, policies, and procedures. Good time management skills and versatility to present to technical audiences. Knowledge of TIBER-EU is an added advantage.