hero

Come build with us

28
companies
440
Jobs

Staff - Cyber Security

AiDash

AiDash

Bengaluru, Karnataka, India
Posted on Wednesday, January 17, 2024
Who is AiDash?
AiDash is making critical infrastructure industries climate-resilient and sustainable with satellites and AI. Using our full-stack SaaS solutions, customers in electric, gas, and water utilities, transportation, and construction are transforming asset inspection and maintenance - and complying with biodiversity net gain mandates and carbon capture goals. Our customers deliver ROI in their first year of deployment with reduced costs, improved reliability, and achieved sustainability goals. Learn more at www.aidash.com.
What is the role?
As a Staff Cybersecurity Engineer, you will play a crucial role in protecting our company's digital assets from external and internal threats. You will be responsible for designing, implementing, and maintaining our cybersecurity infrastructure, ensuring the integrity, confidentiality, and availability of data. Your expertise will be key in identifying vulnerabilities, responding to security incidents, and developing a robust security posture for the organization.

What will you do?

  • Web Application and Network Security: Implement and manage Web Application Firewalls (WAFs) and other security measures to protect against OWASP Top 10 vulnerabilities. Develop strategies to secure web applications from common threats like Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF).
  • Advanced Threat Analysis and Penetration Testing: Lead penetration testing initiatives, identifying and exploiting vulnerabilities in systems and applications, with a focus on areas beyond XSS and injection attacks. Analyze results from pen-tests to inform security enhancements, focusing on system-level and application-level weaknesses.
  • Vulnerability Scanning and Remediation: Regularly conduct vulnerability assessments using tools like Nessus or Qualys, focusing on identifying new and emerging threats. Coordinate with IT and development teams to prioritize and remediate vulnerabilities, emphasizing secure patch management processes.
  • Incident Response and Digital Forensics: Direct incident response activities, including strategy formulation and execution for containing and mitigating cyber-attacks. Conduct forensic analysis to trace breach sources, focusing on complex attack vectors and breach methodologies.
  • Compliance, Risk Management, and Secure Coding Practices: Oversee compliance with cybersecurity regulations (e.g., GDPR, HIPAA) and standards (e.g., ISO 27001, NIST frameworks). Collaborate with software development teams to integrate secure coding practices, emphasizing defenses against sophisticated attack methods.
  • Security Training and Advocacy: Develop comprehensive security training programs, focusing on various cyber threats, secure computing practices, and the importance of data security. Champion a culture of security awareness, emphasizing proactive identification and mitigation of cybersecurity risks.

What are we looking for?

  • Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
  • 9 - 12 years of experience in cybersecurity, with a strong focus on web application security and network defense.
  • Professional certifications (CISSP, CISM, CEH, OSCP) are highly desirable.
  • Deep knowledge of OWASP Top 10, XSS, SQL Injection, and other security vulnerabilities.
  • Experience with security tools and practices for detecting and mitigating web application vulnerabilities.
  • Strong analytical skills and experience in handling complex security incidents involving web applications.
  • Excellent communication skills, with the ability to effectively convey complex security concepts.