Information Security Engineer at Smart Data Solutions LLC

Chennai, tamil nadu, India -

Full Time

Start Date

Immediate

Expiry Date

12 Aug, 26

Salary

624000.0

Posted On

14 May, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Vulnerability Management, Security Monitoring, Incident Response, AWS Cloud Security, SIEM, EDR, PowerShell, Bash, Python, NIST, ISO, HITRUST, Linux, Microsoft Windows Server, MySQL, Network Security

Industry

IT Services and IT Consulting

Description

Job Description Reports To: Information Security Manager FLSA Status: Exempt Department: Information Security Location: Chennai, India Office AD Role: InformationSecurityEngineer Summary This document describes the duties, responsibilities, and required skills and experience for the position of Information Security Specialist. Duties and Responsibilities include but are not limited to: Vulnerability Management and Security Configuration * Analyze scan results to distinguish true risk from false positives, including understanding vendor backported patches and compensating controls * Coordinate with infrastructure, application, and engineering teams to remediate vulnerabilities within defined SLAs * Identify security vulnerabilities in the QuickClaim web application and other SDS web applications and collaborate with the Senior Product Developer to remediate identified issues. * Monitor threat intelligence sources and emerging vulnerabilities to assess organizational impact. * Implement and manage application control policies to prevent execution of unauthorized or malicious software * Participate in monthly maintenance when applicable Security Monitoring and Alerting * Monitor security alerts and events from SIEM, EDR, endpoint protection, and cloud security platforms to identify potential security incidents. * Tune monitoring and detection controls based on emerging threats, environmental changes, and lessons learned from incidents. * Work with infrastructure and engineering teams to ensure proper log collection, ingestion, and retention for security monitoring purposes. * Monitor and assess cloud environments for misconfigurations, insecure permissions, and policy violations. Incident Response * Respond to security incidents by investigating alerts, determining scope and impact, and coordinating containment, eradication, and recovery efforts. * Follow established incident response procedures and escalation paths to ensure timely and appropriate response. * Perform root cause analysis and document findings, actions taken, and remediation steps. * Support post-incident reviews to identify gaps, lessons learned, and opportunities for improvement. * Participate in an on-call rotation with the Security Pager Projects * Lead and execute security improvement projects to remediate identified gaps, including planning, prioritization, implementation, and validation. * Translate identified risks into actionable security projects aligned with business needs and organizational risk tolerance. * Track project progress and outcomes, ensuring measurable risk reduction and documented improvements. Documentation * Create documentation for all security related configurations and procedures. * If documentation for a procedure already exists, use it when performing procedures and update as necessary. Perform other duties as assigned. The duties set forth above are essential job functions for the role. Reasonable accommodations may be made to enable individuals with disabilities to perform essential job functions. Skills and Qualifications * Microsoft Windows Operations Systems (Workstation and Server) * Linux Operating Systems * MySQL database or similar * AWS Cloud Security * Experience with Rapid7 InsightVM, SIEM, Digital Risk Protection, Automox, Duo, Manage Engine, ExtremeIQ, Sophos, Palo Alto Firewalls, Qualys and Office 365, or similar * Experience with scripting or automation (PowerShell, Bash, Python) to support remediation, monitoring, or configuration validation. * Experience and familiarity with security frameworks such as NIST, ISO, and HITRUST * Experience and familiarity with information security concepts and best practices in all domains (e.g. Physical, Administrative, Technical, etc.) * 3+ years of experience in information security, systems engineering, or a related technical role * Strong personal organization and task discipline * Strong reading comprehension * Proficient in information and statistical analysis * Objectivity and fairness Work Environment and Physical Demands To perform this job successfully, an individual must be able to perform each duty and responsibility satisfactorily. The requirements listed above are representative of the knowledge skill and/or abilities required. Risk Designation This role is classified as high risk due to access to Protected Health Information ‘PHI’. Employees in this role must be free of felony convictions on any background check run by Smart Data Solutions. Access Grants Employees are only granted access to the minimum necessary facilities, applications, and systems unless otherwise authorized by the CIO/CTO. The following represent the access grants for this role. If not listed, access is denied by default. Protected Information Access Employees in this role are authorized to access the following Protected Information categories. If any Protected Information category is not listed for any reason, authorized access to that category is not granted. Protected Information Access Authorization Protected Health Information (PHI) No Source Code Yes System Configurations Yes Financial Data No Human Resources Data No System Credentials Yes Application Access Employees in this role are authorized to access SDS internal and cloud applications according to SDS’s policies and procedures, including but not limited to a Role Access Matrix, and such permitted access (if any) will be communicated to Employee(s) upon hire. If any application is not listed for any reason, authorized access to that application is not granted. Facility and Physical Location Access Employees in this role are authorized to access the following SDS facilities and physical locations. If any facility or physical location is not listed for any reason, authorized access to that facility or physical location is not granted. Location Access Authorization SDS Business Office 2900 Lone Oak Parkway, Suite 130. Eagan, MN No SDS Scanning Facility 960 Blue Gentian Rd, Eagan, MN No SDS Scanning Facility Equipment Closet 960 Blue Gentian Rd, Eagan, MN No SDS Keying Facility 69 N 28th Street E, Suite 16 Superior, WI No SDS Keying Facility Equipment Closet 69 N 28th Street E, Suite 16 Superior, WI No Primary Data Center 250 Marquette Ave S, Minneapolis, MN No Secondary Data Center 400 S Akard St, Suite 200, Dallas, TX 75202 No SDS Business Office 5445 Legacy Drive, Plano, TX No SDS Scanning Facility 315 South 48th Street, Suite 111, Tempe, AZ No SDS Scanning Facility 5000 Campus Wood Drive, Suite 400, East Syracuse, NY No SDS Development Office - Nepal Kandevta Complex - 3rd Floor Kandevtasthan, Kupondole Lalitpur Nepal No SDS Office – India 6th Floor, Block 4A, Millenia Business Park, Phase II MGR Salai, Kandanchavadi, Perungudi, Chennai 600096 Yes Remote Access and Mobile Devices Employees in this role are authorized for the following remote access and mobile devices: Remote Access / Mobile Device Access Authorization Laptop Computer Yes BYOD for Exchange Email & Calendar Yes VPN Connection Yes Security Responsibilities All employees are required to maintain confidentiality as related to protected health information (‘PHI’). Employees are required to follow the Acceptable Use Policy while using any information systems owned or controlled by Smart Data Solutions. Any improper and/or unlawful disclosure of confidential information will be subject to disciplinary action, up to and including termination. Security roles and responsibilities include: * Implementing and acting in accordance with the organization's information security policies. * Protecting assets from unauthorized access, disclosure, modification, destruction, or interference. * Executing particular security processes or activities. * Ensuring responsibility is assigned to the individual for actions taken. * Reporting security events or potential events or other security risks to appropriate Smart Data Solutions personnel

Responsibilities

The role focuses on managing vulnerabilities, monitoring security alerts via SIEM and EDR, and responding to security incidents. It also involves leading security improvement projects and maintaining detailed documentation for security configurations.