Overview
Security Engineer Jobs in Bengaluru, Karnataka, India at Flipkart
Title: Security Engineer
Company: Flipkart
Location: Bengaluru, Karnataka, India
About The TeamThe Security Standards team is a part of the central Information security function which is primarily responsible for security standards, secure configuration reviews, architecture reviews, validating efficacy and efficiency of the existing security controls, threat modeling, assessment of the various security controls / technologies based on the gaps identified, security metrics, analytics, automation etc. This team owns the IT Security, Security controls and reviews them on a regular basis to ensure IT/Security controls are working as designed, and all features/capabilities of IT and Security products are being used to the maximum.
The InfoSec Security standards team is responsible for defining new and reviewing existing hardening standards for Flipkart and Group. This function is also responsible for reviewing and approving technical security exceptions against the defined security standards.
About The RoleFlipkart is seeking a skilled, technocrat, motivated, strong security mindset and collaborative Information Security Engineer in the Security Standards team. You will be a strong communicator and influencer, demonstrating curiosity to learn and understand the business.
What You’ll Do
Specializes in Security Standards Development, meticulously crafting security standards and protocols to fortify digital infrastructures.
Conducts comprehensive Security Standards Assessments, scrutinizing systems for gaps and vulnerabilities
Develop standards in accordance with industry recognised standards like CIS (Center for Internet Security), standards implementation and interpretation across FK Group.
Security review of the architecture for the new projects and existing infrastructure setup.
Expert in Security Configuration Reviews, ensuring optimal secure configurations and settings to mitigate risks.
Ensure efficacy of security controls deployed. Work with the technical operations team to understand security controls / tech deployed and come up with recommendations to address gaps and also take full advantage of the deployed technologies.
Conduct threat modeling based on well known standards / frameworks such as STRIDE, PASTA etc.
Identifying and defining the requirements of the overall security of the information processing systems.
Identify security gaps, exposures and develop mitigation plans
Build and execute on organizations roadmaps
Automation & Scripting as required.
Defining and maintaining security procedures, standards,guidelines and procedures as required.
Executes proactive measures to safeguard against emerging threats and collaborates cross-functionally to maintain cutting-edge security protocols.
What You’ll Need
Bachelor’s degree(B.E/B.Tech or M.S/M.Tech) in Information Technology or other related fields.
At least 3-5 years of working experience in domains related to Information security and with a very strong security mindset.
Implementation experience in Security technologies (at least 2 years) such as Next Gen Firewall / IDS/ IPS / NAC / Email Security/CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM etc.
In-depth understanding of networking concepts, protocols and in-depth knowledge of infrastructure, identity and endpoint security technology such as AD, Azure AD, Next Gen Firewall, IDS, IPD, AV, EDR, CASB, WAF, NAC, Wi-fi security, DLP, ATP, SIEM, Proxy etc.
Proficiency in CIS (Center for Internet Security) standards implementation and interpretation.
Ver…
