Applications are invited from fresh graduates for the post of Information Security Engineer at Infosys, Bangalore.
Infosys Limited is an Indian multinational information technology company that provides business consulting, information technology and outsourcing services. The company is headquartered in Bangalore.
- Work closely with the Head of Cyber Security TechOps as well as with one of the Function heads who directly or indirectly report to CISO, to champion organization wide Cyber Security technology initiatives in line with the Cyber Security Strategy to ensure the CISO’s agenda is achieved as a whole.
- Responsible for effective Cyber Security technical implementations and consulting across Infosys group of companies (“Infosys” or “Organization” or “Company”).
- Liaison with all internal (ISG) and external (non-ISG) stakeholders to meet Cyber Security objectives including Subsidiary point of contacts.
- Develop, support and maintain broad suite of information security infrastructure standards, accountable for confidentiality, availability and integrity.
- Participate in the planning, design, installation, and maintenance of security systems in support of security policies.
- Develop, test and maintain security best practices for various technologies engaged in projects across organization and its subsidiaries.
- Develop enriched knowledge base of various technologies highlighting the significance of security configurations.
- Ensure adequate security recommendations are provided for business engagements and support secure infrastructure establishments.
- Evaluate business requirements against any security best practices and support with exceptions and workarounds to ensure business requirements are met without compromising security.
- Ensure software used by the business are classified and the security risks around them are appropriately notified.
- Respond to the change orders in order to ensure that the business is continued without compromising security.
- Prepare and produce comprehensive reports on security incidents and the information around the actors associated with them.
- Release and notify security patch advisories for the platforms and products consumed by the organization.
- Always keen in bringing in innovations and automations wherever possible to improve and optimize to save time and effort without compromising the quality of delivery.
- Work closely with other business units and subsidiaries to address other information security issues associated with hardening best practices.
- Constantly update to leverage new technology and threat vectors.
- Keep self completely up-to-date with the activities of other ISG Functions / Groups so as to be able to glean on the issues and whether it is in line with the Cyber Security Strategy and thus the CISO’s agenda.
Any of the below certifications are desirable though not mandatory.
- 6.11.1 MCP – Microsoft Certified Professional
- 6.11.2 MCSE – Microsoft Certified System Engineer
- 6.11.3 RHCE – Red Hat Certified Engineer
- 6.11.4 CCNA (Security) – Cisco Certified Network Associate (Security)
- 6.11.5 WCNA – Wireshark Certified Network Analyst
- 6.11.6 CeH – Certified Ethical Hacker
- 11.12 Understanding of ISO 27001 standards will be an added advantage.
Technical and Professional Requirements
Possess cross-domain knowledge in various areas of Cyber Security such as, but not limited to:
- Hardening various operating systems platforms primarily covering windows, Linux & MAC.
- In-depth understanding of various protocol suites.
- In-depth understanding of various web, Application, RDBMS & NoSQL database platforms.
- Good understanding of defense-in-depth.
- Good understanding of how patches are managed by various vendors.
- Good understanding of static and dynamic file analysis.
- Good understanding of memory analysis.
- Good understanding of virtualization, cloud & mobile platforms.
- Ability to use OSINT (Open Source Intelligence) tools to identify various attackers and attack vectors.
- Ability to automate daily routines using one or more languages / scripts like bash, power shell, perl, python, ruby, yara, c, .NET.
- Data Security->Information Security Management(IRM)
- Audit->Information Security Audit
- GRC->Information Security Compliance
- Network Security
- GRC->ISO 27001 Audit/Implementation
- Audit->ITSM Audit->ISO 20000
How to Apply?
Interested applicants can apply for the post through this link.
For more details, click the link below.