Senior Cyber Assurance Engineer - Cyber Security
Gurgaon, India /
Payments India - IT Operations /
PayU, a leading payment and Fintech company in 50+ high-growth markets throughout Asia, Central and Eastern Europe, Latin America, the Middle East and Africa, part of Prosus group, one of the largest technology investors in the world is redefining the way people buy and sell online for our 300.000+ merchants and millions of consumers.
As a leading online payment service provider, we deploy more than 400 payment methods and PCI-certified platforms to process approximately 6 million payments every single day.
Job description: -
PayU is recruiting for Senior Cyber Assurance Engineer - Cyber Security (L2) to join our high-performing Security Operations team. As a part of the team you will be responsible for the Planning, implementing, managing, monitoring, and upgrading of Cyber Security controls across the organization based on the business and compliance requirements.
Roles & Responsibilities: -
4-5 years of core cyber security & assurance experience.
· Driving continuous improvement in the organization’s security posture by integrating processes with standards like NIST, ISO 27001.
· Analyse highly complex business requirements, design and write technical specifications to design or redesign complex applications.
· Work closely with other groups in Information Security and other functions to ensure tight integration with broader processes (e.g. metrics, incident management, logging and monitoring)
· Provide assurance that our controls are current, implemented as designed, and operating as intended.
· Deliver quality monitoring and actionable reporting services that provide clear visibility of our security health for infrastructure related security controls
· Increase awareness to control gaps and weaknesses, and support ongoing remediation
· Collaborate with other technology teams and architects to define and develop solutions & Propose best practices/standards.
· Plan and implement system solutions to meet DLP program requirements.
· Documentation of systems designs and configurations of architected solutions; this may include conceptual, logical, and physical diagrams; new environment design documents; write ups on technical capabilities and solution configurations; etc.
Perform scans to identify and fingerprint data to be protected Develop policies to monitor protected data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage) with response rules to prevent leakage of protected data.
Should have in-depth knowledge of Implementation and management of Data Discovery/ Data Classification & Labelling /DLP Solution
Should have hands on experience of implementation and management of Email gateway security controls to protect the organisation from Phishing, Spoofing, User & Domain impersonation. Etc.
Should be familiar with ISO 27001 & PCIDSS controls.
Should be familiar with various IAM controls and SSO technology.
Good to have:
Recommend best practices to achieve security control objectives.
Security assessment across all in scope security controls.
Has basic to intermediate understanding of ATP / PIM / PAM / SIEM, cloud security, Endpoint security, Data Protection, and Incident Response Windows server, Linux OS.
Clear understanding of Security Incident Management process.
Skills for Success
· Excellent verbal, written, and interpersonal communication skills
· Good knowledge and experience of Security Monitoring tools, Cyber Incident Response
· Good knowledge and experience of Cyber Threat Intelligence
· Awareness of Cyber security issue and remediation
Ability to work effectively, as well as independently, in a team environment
Ability to work in a fast paced deadline driven environment
Ability to lead projects/initiatives with high risk and complexity
Knowledge and understanding of banking or financial services industry
Experience working in a large enterprise environment & proficient in monitoring security events from various cyber security tools.
Experience in Threat modelling, Risk assessment & Gap assessment.
Certifications (Any of the below)
Security certifications such as Security+, CCNA, IS027001, PCI DSS, Product certification (DLP, Email Gateway Security, SWZ) are highly desirable
Any Graduate in Any Specialization, B.E., B. Tech, M. Tech, B.C.A, M.C.A.
What we offer (Standard)
● A positive, get-things-done workplace
● A dynamic, constantly evolving space (change is par for the course – important you are comfortable with this)
● An inclusive environment that ensures we listen to a diverse range of voices when making decisions.
● Ability to learn cutting edge concepts and innovation in an agile start-up environment with a global scale
● Access to 5000+ training courses accessible anytime/anywhere to support your growth and development (Corporate with top learning partners like Harvard, Coursera, Udacity)
At PayU, we are a global fintech investor and our vision is to build a world without financial borders where everyone can prosper. We give people in high-growth markets the financial services and products they need to thrive. Our expertise in 18 high-growth markets enables us to extend the reach of financial services. This drives everything we do, from investing in technology entrepreneurs, to offering credit to underserved individuals, to helping merchants buy, sell and operate online. Being part of Prosus, one of the largest technology investors in the world, gives us the presence and expertise to make a real impact. Find out more www.payu.com
Our Commitment To Building A Diverse And Inclusive Workforce
As a global and multi-cultural organization with varied ethnicities thriving across locations, we realize that our responsibility towards fulfilling the D&I commitment is huge. Therefore, we continuously strive to create a diverse, inclusive and safe environment, for all of our people, communities and customers. Our leaders are committed to create an inclusive work culture which enables transparency, flexibility and unbiased attention to each and every PayUneer so they can succeed, irrespective of gender, color or personal faith. An environment where every person feels they belong, that they are listened to, and where they are empowered to speak up. At PayU we have zero tolerance towards any form of prejudice whether a specific race, ethnicity, or of persons with disabilities or the LGBTQ communities.