Devsecops(Max 34L)

Ubona Technologies (www.ubona.com) is a Bangalore based SaaS start-up providing full stack Customer Conversation Products to Large Enterprises. Ubona’s mission is to bring in a new era of Consumer Communication using AI/ML technologies and bring efficiencies to reduce friction in the last mile communication between Enterprises and their customers. Our innovative solutions are state of the art, first of its kind and successfully working in very large consumer environments powering millions of interactions daily. Ubona’s cloud-based software service stack comprises of Cloud Telephony and Cloud Contact Center, Omni-Channel Automation Bots, and Call & Speech analytics engine. Our customers include large banks, insurance companies, NBFCs, E-commerce ventures and Telecom operators.

By culture, Ubona is a start-up, with non-hierarchical structure, which works with very high zeal of creating something exceptional and believes in the cultures of openness, respect, and reward. We are looking for a technically strong and detail-oriented Cloud Security Specialist with good experience in implementing security and uplifting the security posture of the environment. You would also play a critical role in providing technical support for day-to-day security operations, security tool integration, automation support, change management and business continuity program.

Your role will be:

• Evaluate, select, design, and configure security infrastructure systems in multi-cloud (AWS, Azure, Google) & DC environments.

• Identify, integrate, monitor, maintain and refine infosec controls by understanding dynamic business processes.

• Work on KRIs and KPIs for existing Security Controls.

• Support and conduct internal/external audits, help mitigate findings and implement security related procedures.

• Implement & maintain compliance to industry standard security benchmarks.

• Prepare hardened OS images and implement Industry benchmarked hardened security public cloud environments.

• Install, configure, manage, and maintain mission-critical enterprise security solutions such as AV, patching, SIEM, SOAR, DLP, log managementamong others.

• Go to person for following & implementing security principles in the infra.

Soft Skills

• Develop and maintain strong relationships with both internal and external people.

• Adept at handling tough stakeholders.

• Good communication and interpersonal skills.

• Manage time bound projects with ease.

You will need:

• 4-10 years of experience of managing and implementing security services in AWS/Azure/DC environments.

• Sound technical knowledge of security aspects of infra incl. compute, network, storage, databases.

• High degree of ownership and passion to solve problems, drive financial grade security of the infrastructure.

• Knowledge of Industry (CIS etc.,) benchmarks for Linux/Windows/AWS/Azure. Experience of hardening the environments.

• Experience of using full stack of AWS security services such as WAF, Security Hub, Guard Duty, Network Firewall etc.,

• Experience of implement rules in AWS to trap and escalate security policy violations.

• Experience of working closely with the engineering, infra teams to remedy identified vulnerabilities.

• Security incident/threat response/modelling skills – identification, debugging, root case analysis and escalation.

• Ability to quickly learn new skills, work with other teams/partners.

• Prior experience of implementing controls in ISO/PCI DSS/SOC environments in public/private clouds and DC environments.

Good to Have

• Security Certifications such as CISSP, AWS Certified Security – Speciality, Azure Security will be preferred.

• VAPT/ Network Scanning tools like Nessus, Webinspect etc.

• Exposure to SAST, DAST, Web Application Security.