Stay in Touch

TITLE

 

Principal Engineer, Information Security

COMPANY

 

Blue Jeans Network

LOCATION

 

Bangalore, IN

Description

As the Principal Engineer of Information Security, you will be responsible for keeping our enterprise-class cloud service secure from a variety of threats. You will report to the Director of Information Security. We are looking for a strong tech savvy engineer who is passionate about information security and work with the security team in creating a culture of security across the company. You should be an effective communicator that works with all stakeholders – across various departments within the company as well as externally with customers, partners, and vendors. You will work with security champions drawn from various Engineering teams and DevOps to design and implement mitigations for existing and imminent threats.

 

 Responsibilities:

  • Assist in defining, designing and implementing systems and processes to secure our hybrid data-center and public cloud infrastructure
  • Engage in the software development lifecycle (SDLC) to ensure secure designs and coding practices
  • Manage internal and 3rd party app security, penetration testing and bug bounty programs
  • Work closely with Operations, IT, Support and Engineering teams to monitor and remediate security incidents
  • Work with Sales and Legal teams to interface with enterprise customers' security teams during pre-sales and post-sales engagements
  • Assist with of compliance audits in the company
  • Assist in creating a culture of security-conscious employees with programs and influence

 

Qualifications: 

  • Prior role as an Information Security Engineer in an organization or a large department
  • Bachelor’s degree, with relevant on-the-job technical experience
  • 7+ years of experience in IT, Operations or Software Engineering functions
  • 5+ years’ experience in a security function at a cloud service or software company
  • Successful candidate will have a very good understanding of how to deliver products and services securely within a collaborative environment
  • Programming experience using a high level programming languages and a scripting language
  • Good communication skills with the ability to work with a disparate set of stakeholders – engineers, sales, etc. inside a company and customers, vendors, partners outside a company
  • Active membership of Information Security user groups with security certification (CISSP, CEH, GWAPT, GPEN, OSCP, etc.) will be an added plus
  • Experience identifying information protection needs and defining system security requirements, architecture, designs, and standards
  • Prior experience helping an organization achieve and maintain compliance certifications such as SOC 2 or ISO 27001 will be a plus
  • Practical understanding of latest OWASP Top 10 and CERT advisories and prior experience implementing nimble remediation strategies
  • Experience managing engineers and/or vendors responsible for app security, penetration testing, and ethical hacking/bug bounty programs
  • Hands-on experience with tools from 3rd party vendors such as Rapid7, Qualys, Whitehat Security and/or open source tools such as Nessus, Metasploit, Burp Suite, Nmap, will be a plus
  • Knowledge of deploying applications in Cloud infrastructures such as AWS/Azure will be a plus
  • Ability to maintain a flexible work schedule to enable interactions across multiple time zones with remote teams is a plus

Apply for the job

Subscribe to our blog.


 

Blog & Newsletter Signup