Senior Information Security Engineer

About Tech AlchemyTech Alchemy was founded in October of 2016. After successfully exiting from a previous start up, we identified a deficiency in the market related to early stage tech startups and the availability of a full service solution. This is where Tech Alchemy started, as a software development agency that not only does the development, but helps in strategy, design, development, fundraising, and any other verticals that a start up could require. We have now grown to an agency of 200+ designers, developers, and product specialists.We are an award winning design and development company and one of the most trusted brands in blockchain, web and mobile technologies. At Tech Alchemy, we help technology focused startups formulate their ideas into real-world products to keep up with the latest trends in Blockchain, Metaverse and AR.Industries we enhance with our technical expertise - Finance, NFTs, Gaming, Real Estate,E-Commerce, Food, Tokens, Health and AgricultureOur products featured by - Apple, AWS, BBC, Forbes, Product Hunt, Red Dot & Yahoo FinanceWe cover multiple parallels including UX design, branding, software development, blockchain development, business analysis and funding.For more information visit our website and portfolio.About the JobJob Title: Senior Information Security EngineerDepartment: Information TechnologyJob Location: PuneSummaryWe seek a highly skilled Senior Information Security Engineer to proactively safeguard our organization's crucial data and IT infrastructure. This role requires expertise in designing security solutions, identifying vulnerabilities, managing access controls, implementing safeguards, and swiftly responding to incidents.Responsibilities:Security Architecture & Design: Develop and maintain robust security architecture blueprints aligned with industry standards. Design and implement secure solutions spanning network, application, endpoint, cloud environments, and access management.Access Management: Implement and manage Identity and Access Management (IAM) solutions, preferably using Okta or similar tools. Design and enforce secure authentication and authorization mechanisms.Network & VPN Management: Configure and maintain network security solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), and Zero Trust Network Access (ZTNA). Securely manage and troubleshoot VPN or ZTNA solutions for remote access.Vulnerability Management: Conduct regular vulnerability assessments and penetration testing to proactively uncover system weaknesses. Prioritize and remediate vulnerabilities based on risk and business impact. Develop and execute patch management programs.Incident Response: Lead the incident response process, including detection, containment, investigation, and remediation. If required, perform forensic analysis to determine the root cause of security breaches and collaborate with IT teams to restore systems and mitigate future risks.Security Monitoring & Threat Intelligence: Implement and manage Security Information and Event Management (SIEM) solutions and related technologies. Develop and maintain comprehensive security monitoring and alerting capabilities.Endpoint Security: Manage endpoint security tools like CrowdStrike Falcon, DarkTrace Endpoint Protection Suite, or similar. Oversee endpoint protection policies, malware detection, and incident response.Email Security: Implement email security tools like DarkTrace Email, FortiEmail, or similar, including spam filtering, anti-phishing, data loss prevention (DLP), and encryption.Mobile Device Management (MDM): Implement mobile device security strategies using MDM tools. Enforce policies, manage updates, and configure security settings for mobile devices.Training & Awareness: Design and deliver security awareness training for employees across all levels. Promote a culture of security consciousness throughout the company.Must HavesBachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field.Strong understanding of information security principles, risks, and best practices.3+ years of hands-on experience in information security roles.Expertise in network security concepts, VPN, ZTNA, firewalls, and IDS/IPS.Experience with SIEM solutions, IAM tools, endpoint security, and email security.Adept at incident response processes (detection, containment, investigation, remediation).Experience in developing and delivering security awareness training.Excellent analytical, problem-solving, and communication skills.Nice to HaveCISSP, CISM, GIAC, or cloud security certifications (strong plus).Working knowledge of cloud security principles.Proficiency in vulnerability scanning and pen-testing toolsExperience with Mobile Device Management (MDM) solutions.Knowledge of security compliance frameworks (NIST, ISO 27001, PCI DSS, etc.)Scripting skills (Python, Bash, etc.).Qualifications:Education: Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or a related field.Experience: Minimum of 3+ years of experience in hands-on information security roles.Why join us? Chance to work on cutting edge and innovative projects in tech industryCompetitive salary with Mediclaim benefits (5 Lakhs coverage)Chance to work closely with Industry veterans including CTO & COOGrowth of start up and stability of scaling organization in one placeExcellent learning and development opportunities in Technical and Leadership areasVibrant office space with positive and enthusiastic atmosphereFlexible working hours PRB