Companies you'll love to work for

SOC/ VM Architect - Information Security

Icertis

Icertis

IT
Pune, Maharashtra, India
Posted on Wednesday, February 7, 2024
With unmatched technology and category-defining innovation, Icertis pushes the boundaries of what’s possible with contract lifecycle management (CLM). The AI-powered, analyst-validated Icertis Contract Intelligence (ICI) platform turns contracts from static documents into strategic advantage by structuring and connecting the critical contract information that defines how an organization runs. Today, the world’s most iconic brands and disruptive innovators trust Icertis to fully realize the intent of their combined 10 million contracts worth more than $1 trillion, in 40+ languages and 93 countries.
Who we are: Icertis is the only contract intelligence platform companies trust to keep them out in front, now and in the future. Our unwavering commitment to contract intelligence is grounded in our FORTE values—Fairness, Openness, Respect, Teamwork and Execution—which guide all our interactions with employees, customers, partners and stakeholders. Because in our mission to be the contract intelligence platform of the world, we believe how we get there is as important as the destination

Responsibilities:

  • Vulnerability Management– code reviews, design reviews, articulation of SAST, DAST reports with engineering teams, false positive elimination, and an ability to discuss mitigation controls.
  • Secure application design– understand design principles for secure application engineering in a product development lifecycle and threat modeling capabilities.
  • Security posture enhancement- ability to define prioritization (across application, infra, cloud platform vulnerabilities) and drive remediation approach, security posture enhancement leveraging Microsoft Security Scorecard, vulnerability reports.
  • Large language model, Gen AI– ability to appreciate relevance of generative AI or LLM models for application engineering needs, deployment architectures, potential pitfalls and areas of scrutiny for the new software 3.0 architecture.

Skills:

  • Strong fundamentals on one or more of programming languages – java/ c/ c++/ python, database management, cloud services
  • Strong familiarity with cloud capabilities and products and services on the Cloud – preferably Azure or AWS
  • Experience with one or more security tools such as Burp Suite, Fortify, Veracode
  • Remediation, mitigation controls- Understanding and articulation of vulnerability remediation across the above estate, with an ability to remain contextual and prioritize remediation for a given ecosystem (cloud, devops, etc.).
  • Familiarity with security posture management scorecards and typical recommendations on continuous improvement (for an Azure enterprise)
  • Communication skills: Ability to interact with a broad cross-section of personnel to explain and enforce security measures with a grounded understanding of CVE scores, asset criticality, prioritization, compensatory controls.
  • Knowledge of scripting languages like PowerShell and Python for automation.
  • Threat hunting – experience, exposure to the concept and custom handling of threat hunting scenarios.
  • Key management, data encryption – knowledge and experience with handling cryptographic keys, symmetric/ asymmetric encryption algorithms for encryption within and outside the cloud services ecosystem
  • Compliance standards, alignment – with the likes of NIST type standards, for core engineering guidelines, recommendations.
  • Attack surface management – configuration and implementation of ASM tools.
Icertis, Inc. provides Equal Employment Opportunity to all employees and applicants for employment without regard to race, color, religion, gender identity or expression, sex, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. Icertis, Inc. complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to careers@icertis.com or get in touch with your recruiter.
By submitting your application you acknowledge that you have read Icertis’s Privacy Policy (https://www.icertis.com/privacy-statement/)
Icertis is not open to third party solicitation or resumes for our posted FTE positions. Resumes received from third party agencies that are unsolicited will be considered complimentary.