CSG – IT SecOps IRC278842

Description

Join GlobalLogic, to be a valid part of the team working on a huge software project for the world-class company providing M2M / IoT 4G/5G modules e.g. to the automotive, healthcare and logistics industries. Through our engagement, we contribute to our customer in developing the end-user modules’ firmware, implementing new features, maintaining compatibility with the newest telecommunication and industry standards, as well as performing analysis and estimations of the customer requirements.

Requirements

 

Core Skills:
Detail-oriented with strong organizational abilities.
Foundational understanding of security principles.
Excellent communication skills.

Must Have:
Secret Server or BeyondTrust
Tenable
WIZ

Good to Have:
MS Excel
Min Knowledge in Python
Jira

Job responsibilities

Technical Expertise:

Privileged Access Management (PAM):
Strong proficiency with Delinea’s Thycotic Secret Server/BeyondTrust.
Demonstrated knowledge of Active Directory and networking.
Thorough understanding of identity lifecycle management for privileged and user accounts.
Exposure Management:
Extensive experience with Tenable and Wiz.
Proficient in executing various scans (daily, weekly, ad-hoc, monthly), including PCI Compliance, Web Application Scanning, Vulnerability Management, Attack Surface Management, and Identity Exposure.
Proven ability to coordinate vulnerability remediation efforts with asset owners (identified through Tenable/Wiz/Google Mandiant).
Digital Certificates (DigiCert):
General understanding of digital certificate concepts.
Access Reviews:
Privileged Access Reviews: Familiarity with Google Sheets and Mail Merge, along with a general understanding of Active Directory fields (e.g., nested groups, disabled/expiring accounts, Organizational Units).
AD Termination Reviews: Familiarity with Google Sheets and VLOOKUP commands, and a general understanding of Active Directory fields (e.g., disabled/expiring accounts, Organizational Units).
Security Scorecard – Ground level work experience on issues like:
P1 Issues (Critical):
Ransomware infection detected.
Domain advertised as a ransomware victim.
Malware controller observed or malware infection.
Phishing infrastructure.
Alleged breach incident.
Anonymous open proxy.
Products susceptible to ransomware exploits exposed.
P2 Issues (High):
DB or RDP services exposed to the Internet.
Certificate revoked/expired.
SSH software supporting vulnerable protocols or weak ciphers/MACs.
SSL/TLS service supporting weak protocols or cipher suites.
End-of-Life (EOL) OS/Software.
Critical/High-Severity CVSS v3.0 Vulnerabilities.
Site not enforcing HTTPS.
FTP/Telnet/rsync/VNC/SMB/PPTP services detected.
Adware installation.
Missing SPF record.
P3 Issues (Medium/Low):
Certificate lifetime exceeding best practices or without revocation control.
Malformed SPF record or SPF record containing a softfail without DMARC.
Medium/Low-Severity CVSS v3.0 Service Vulnerabilities.
Missing Content Security Policy (CSP).
Insecure HTTPS redirect pattern or redirect chain containing HTTP.
Website not implementing HSTS best practices.

What we offer

Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. 

Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.

Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.

Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!

High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.