Security Engineer - Information Security
Company: Crisil
Location: Mumbai
Job Overview
Crisil is seeking a skilled Security Engineer with a focus on Information Security to join our team in Mumbai. This role is critical for maintaining the security posture of our servers and ensuring compliance with industry standards.
Key Responsibilities
Vulnerability Assessment & Management
- Conduct comprehensive server vulnerability assessments (VA) and meticulously track remediation efforts.
- Perform thorough configuration reviews to ensure strict adherence to security baselines.
- Leverage tools like Qualys VMDR or equivalent platforms for scanning, analysis, and reporting of vulnerabilities.
- Collaborate closely with system administrators to validate and promptly patch identified vulnerabilities.
Server Hardening & Configuration Review
- Execute detailed server configuration reviews based on established CIS benchmarks and industry best practices.
- Propose and implement robust server hardening measures to enhance security.
- Guarantee compliance with relevant industry security standards and internal organizational policies.
VAPT & Security Testing
- Perform Vulnerability Assessment and Penetration Testing (VAPT) across servers and network infrastructure.
- Engage effectively with third-party security testing vendors to review their findings and ensure timely and effective fixes.
- Manage and track security incidents directly related to server vulnerabilities.
Compliance & Risk Management
- Ensure adherence to critical security standards including OWASP, ISO 27001, PCI DSS, NIST, and other relevant security frameworks.
- Collaborate with internal teams to effectively close security gaps identified during audits and risk assessments.
- Maintain comprehensive documentation of security controls, remediation plans, and compliance reports.
Vendor Management
- Evaluate security vendors, critically review their security reports, and diligently track their remediation efforts.
- Coordinate with third-party vendors for security audits and essential compliance checks.
- Ensure that vendor-provided solutions consistently meet and comply with established security policies.
Required Skills & Qualifications
- Bachelor's degree in Computer Science, Information Security, or Engineering (BE/B.Tech).
- 3-5 years of proven experience in server security, vulnerability assessment, and compliance management.
- Hands-on experience with vulnerability scanning tools such as Qualys VMDR, Nessus, or equivalent.
- Strong knowledge of CIS benchmarks, server hardening techniques, and overarching security best practices.
- Demonstrated experience in VAPT and various security testing methodologies.
- Solid understanding of security compliance frameworks including ISO 27001, PCI DSS, NIST, or others.
- Excellent analytical and communication skills, enabling effective collaboration with internal teams and external vendors.
Preferred Certifications
- Certified Ethical Hacker (CEH)
- ECSA
- CompTIA Security+
- GIAC Security Essentials (GSEC)
- Qualys Certified Specialist (QCS) (Preferred)
Join Crisil in Mumbai to contribute to our robust information security infrastructure.