You know your calling, you have decided on your specialization, and have spent time gaining crucial skills and experience. Now you are yearning for more. Consider applying to join one of our functional practice areas. Our functional practices deliver innovative services to some of the most demanding and discerning clients across the world.

Lead Consultant – Archer COE team
Location – Bangalore
Travel – Open to travel nationally and internationally

Job Description:

  • Aujas Networks is looking for a Lead Consultants to manage and deliver advanced consulting assignments. Our goal is to provide high value business solutions to clients and typically these assignments  demand  a  thorough  understanding  of the  client’s  business  and technology  environment, insight into industry practices and the ability to find innovative solutions after studying complex operational scenarios. Examples of such assignments include – designing the governance and operating model for enhancing incident response, interacting with multiple business function groups to determine data flow across organizations, integrating diverse technology point solutions for enhancing correlation and consolidating organization wide reporting e.g. for risk reporting or incident reporting and analytics. Apart from managing and executing such assignments, the candidate is expected to contribute to the practice via eminence activities (conference/whitepapers/blogs), supporting service capability building and pre-sales initiatives.

    Role Description:

    Consulting – GRC domain       

    • 8+ yrs of exp and atleast 3 yrs hands on exp (both front end and back end) on Archer GRC suite.
    • RSA Archer out-of-the-box application and solution implementation
    • On demand application creation for customized reporting/ views
    • Creating customized workspaces using custom object coding , iviews, reports , notification templates.
    • Experience in configuring Data Feed Manager to import data from external sources like HRMS and AD and creating automated business hierarchy,
    • Prepare Functional Specification Document for the client
    • Hands on implementation experience with multiple Archer Solution packages, at-least 4 of them.

     

    Project Management –

    • Manage the project to ensure quality deliverables are produced within timelines.
    • Project communication is open and documented and relationship with all stakeholders are maintained
    • Team management to ensure support, motivation and retention
    • Project risk are known, documented and addressed

     

    Desired Profile: 

    • Minimum of 8 years of experience in architecting information security solutions, creating security strategy, security programs and managing information security management systems
    • Experience in managing projects and ensuring quality deliverables for large clients.
    • Minimum of 3 full lifecycle implementation of GRC solution with Archer in a complex, multi- location environment
    • Experience in understanding client’s business environment and proposing “fit for purpose” GRC solution
    • Knowledge and implementation/ consulting experience in managing risk and compliance projects
    • Ability to understand client security requirements and conceptualize / design security controls to ensure the cost of protection is commensurate with the value at risk

     

    Qualification & Experience: 

    • Functional experience: 8-10 years of full time
    • Bachelor Degree
    • Preferred Certifications - CISSP and/or CISA/CISM and Archer

     

    Contact your Recruiter

Lead Consultant- Web application and Network
Location – Bangalore/Mumbai
Job Description:
  • Adhering to best practices, and alignment with the Customer’s security requirements for project execution, documentation, and reporting
  • Interaction with multi-disciplinary teams for timely meeting of key project milestones and checkpoints
  • Contribute to practice development by creating reusable components and document key project-learning within the consulting practice
  • Build multifaceted skills in technologies
  • Manage Customer relationships at the project delivery level
  • Hands on experience in penetration testing for thick client based application.
  • Understanding of enterprise security and auditing requirements will be advantageous
  • Possess demonstrated skills in Customer-centric selling, and supporting the sales team in closing deals by providing technological support
  • Being a key team member for delivering complete project life cycles – from capturing Customer requirements to delivering timely solutions to Customers
Desired Profile:
  • Should have experience in handling at least 10-15 people team
  • Should have experience in handling multiple projects / clients simultaneously
  • Should have experience in handling projects in multi-geographies (E.g. South Asia, Middle East and USA)
  • Sound understanding of all security related fundamentals
  • Should be well-versed with OSSTMM / OWASP / SANS standards
  • Should have skills in Linux and Linux based tools.
  • Proven experience of penetration testing for web based application and use of backtrack based tools.
  • Rich script development in Perl/Ruby/Php/Python (would be a plus)
  • Excellent time management and prioritization skills
  • CEH would be minimum certification requirement
  • Relevant certifications (OSCP/CSSLP/CISSP) will be an added advantage
  • Hands on experience in penetration testing for financial applications
  • Hands on experience in web, thick and cloud based applications
  • Should be open to travel
Qualification & Experience:
  • Minimum Bachelor Degree

Contact your Recruiter

Associate Consultant/Consultant/Senior Consultant- Mobile Application
Location – Mumbai/Gurgaon
Role Description:
  • Conduct Security Code Review, Penetration Testing and Consult Product Development Team to secure Financial and Telecom Applications
  • Conduct penetration testing for thin & thick client based applications
  • Identify and propose work-around for critical defects.
  • Should be able to deal with multiple platforms like Windows, Linux and technologies like Java, .Net
  • Should have experience in Mobile application assessment in Andorid, iOS, Windows and Blackberry platforms
  • Conduct Threat Modeling of Applications
  • Ability to analyze root causes and deliver strategic recommendations during security reviews
  • Being a key team member for delivering complete project life cycles – from capturing Customer requirements to delivering timely solutions to Customers
  • Adhering to best practices, and alignment with the Customer’s security requirements for project execution, documentation, and reporting
  • Interaction with multi-disciplinary teams for timely meeting of key project milestones and checkpoints
  • Manage Customer relationships at the project delivery level
Desired Profile:
  • Candidate should be Graduate / Post Graduate with a strong hold on the Java, .Net, PHP based web technologies
  • Sound understanding of all security related fundamentals
  • Prior Development Experience will be an advantage
  • Should be familiar with OWASP, OSSTMM etc.
  • Hands on Experience on tools like Fortify, IBM AppScan, Checkmarx will be an added advantage.
  • Experience in code review will be an advantage.
  • Understanding of managed services business and the significance of SLAs SOPs, periodic reporting and escalation matrices
  • Relevant certifications (CEH/CSSLP/CISSP) will be an added advantage
  • Keen market awareness in terms of upcoming technologies, vendor offerings, and competitors is highly desirable
  • Experience n scripting and coding language will be an added advantage.
  • Excellent time management and prioritization skills
  • Should posses good Interpersonal & Communication skills

Contact your Recruiter

Chief Information Security Officer

Location: Delhi

Qualities Desired 

  • Must have undertaken the role of technology security specialist/manager in at least five projects with extensive policies on data security 
  • He should  have  a  minimum  of  10  years  experience  in  managing  Security Operations of large data centers and IT infrastructure  
  • Should have expertise in the areas of application security and conduct of IT security testing programs  
  • Experience in the areas of OWASP top ten web applications security risks  
  • Experience/strong understanding  of  Information  Security  -  policies  and procedures,  logical  and  physical  security,  anti-virus  management, vulnerability management  
  • Should have experience in conduct of business continuity and disaster recovery tests  
  • Must have undertaken a role in IT Risk management or IT security management in at least two projects  

Qualification and Experience  

  • Post Graduate degree in Computer Science/Information Technology/Engineering  
  • Certificate in IT Risk Management/Information Security such as CISA, CISSP, GIAC  
  • Should have specialisation on a range of solutions, including, but not limited to, SSL, making appropriate use of PKI, intrusion detection / prevention, VPN, single sign-on, firewalls, and all elements of application-level security  
  • Should possess extensive knowledge and experience in information technology security design, operations, encryption, information access, and authentication processes  
  • Should have in-depth knowledge of ISO 27001 information security requirements

 Contact your Recruiter

Associate consultant/ consultant/ Senior Consultant- DLP

Location: Delhi/Bangalore

Job Responsibilities:

  • Understand workflow in Symantc/Web Sense/ McAfee and assist in fine tuning of the data leakage prevention rules and automation via workflows
  • Perform incident management for data leakages, this includes incident identification, reporting, escalation and closure
  • Identify the priority of the data leakage incident and risks to the organization
  • Understand Symantc/Web Sense/ McAfee security gateway content and data leakage prevention features and identify gaps
  • Perform trend analysis of identified incidents, prepare reports
  • Learn from incidents and provide suggestions for fine tuning of the rule bases  

Desired Profile:

  • Should have 2-8 years experience in DLP solution.
  • Excellent analytical skills and result oriented
  • Knowledge about DLP, network security concepts and working experience with network security devices
  • Experience in incident management, log management and its correlation

Contact your Recruiter

Consultant/ Senior Consultant – Web application and Network security
Location – Bangalore/NCR/Mumbai/Hyderabad
Job Description:

• 3 years of relevant manual infrastructure and/or application security experience
• Bachelors/Masters in Computer Science or related field is preferred.
• Knowledge of network attacks, post exploitation skills, security bug classification frameworks such as DREAD, OWASP Top 10 etc. and experience applying security bug classification methods in Testing and QA.
• Experience in providing technical oversight to other project team members to maintain engagement quality.
• Experience in handling client queries, providing recommendations & mitigation strategies in order to remediate vulnerabilities.
• Good to have exposure on mobile application security assessments, source code analysis, application security vulnerability research
• Good to have experience with fuzzing & exploit development.
• Good to have skills in programming languages such as C, C++, Python, PHP or other major programming languages.
• Good to have experience in speaking or presenting at national and international security conferences and events.
• Good communication skills

Contact your Recruiter

Consultant/ Senior Consultant – Web application and code review
Location – Bangalore/Mumbai/Gurgaon
Job Description:

• Automation and Manual Code review, guide development teams to fix security defects at code level.
• Configure and tune static code scanning solution to maximize tool effectiveness and minimize false positives
• Manual validation of true and false positives from static code scanning solution
• Should have experience in source code review of various languages such as Java, Asp.net & Php, C#, VB.Net
• Tools: Checkmarx, HP Fortify, Veracode, IBM Appscan source edition
• Keywords: Antisamy, ESAPI, HTML Purifier

Contact your Recruiter

Specialist – CA and NETIQ IAM

Location:  New Jersey 

Role Description:

  • Aujas Networks Private Limited Company d/b/a Aujas Information Risk Services seeks a Specialist – CA and NetIQ IAM to work in Jersey City, New Jersey and unanticipated locations throughout the United States.  Responsible for: (i) working independently to maintain and deploy identity management solutions using Novell or NetIQ security and Identity and Access Management (IAM) products; (ii) configuring security policies into the solution and corresponding security workflows, user interfaces and security reports; (iii) interfacing with client teams for security requirement formalization and documentation; (iv) identifying requirements and delivering timely custom development solutions; (v) building custom adapters using various methods; (vi) configuring web access security management for enforcing passport security requirements; (vii) working with principal vendor support teams to resolve product bugs and obtain product enhancements; and (viii) setting up and executing proof of concept demonstrations. 

     

    This position is for a roving employee who will work in unanticipated locations throughout the United States.  The employee will have to relocate, but travel is not required from any particular location.

     

    Must possess a Bachelor's degree (or foreign equivalent) in an Information Technology field.  One year of experience in Identity and Access management (IAM) consulting required.  Experience must include: IAM solution planning, design, and development; IAM solution architecture and project planning.

     

    Must know (from completed university-level coursework, seminars, workshops, or real-world, hands-on experience):  CA Technologies (CA) products suites (including: CA Identity Manager, CA Identity Governance, CA Siteminder, and CA Privileged Identity Manager).  

     

    Submit resume to: Mohit Vaish at:  mohit.vaish@aujas.com

 Contact your Recruiter

Senior Consultant – Archer
Location – Bangalore/NCR/Mumbai
Job Description

• 5+ years of experience.
• 5 years plus experience and at least 3 years hands on experience (both front end and back end) on Archer GRC suite.
• RSA Archer out-of-the-box application and solution implementation.
• On demand application creation for customized reporting/ views
• Creating customized workspaces using custom object coding , iviews, reports ,notification templates.
• Experience in configuring Data Feed Manager to import data from external sources like HRMS and AD and creating automated business hierarchy,
• Prepare Functional Specification Document for the client
• Hands on implementation experience with multiple Archer Solution packages, atleast 4 of them.

Contact your Recruiter

Consultant- Tivoli Identity Manager

 

Location :  Mumbai 

 

Role Description:

  • Work independently or as part of geographically spread teams to design and deploy identity management solutions using ITIM / ISIM and other products
  • Prepare solution design documents and requirement specifications
  • Understand the solution specifications and setup workflows, user interfaces, policies and reports as per solution requirements
  • Deploy ITIM / ISIM in various environments and configurations including high availability and failover
  • Interface with client teams for requirement formalization and deployment planning
  • Identify requirements and deliver custom development as and when needed
  • Build custom adapters using various methods
  • Work with principle vendor support teams to resolve product bugs and obtain product enhancements
  • Setup and execute proof of concept demonstrations
  • Assist in presales – understanding requirements, building approach notes, solution proposals, effort estimates
  • Additional responsibilities will include team mentoring, adherence to Aujas project monitoring/management methodology

Desired qualities:

  • Excellent communication skills; written and spoken
  • Experience with other products like Sun, Oracle, CA, or other Tivoli products etc shall be appreciated, but excellent understanding of ITIM / ISIM is essential including understanding of policies, workflows, reconciliation, recertification and reports.
  • Sound understanding of all components in the IBM Tivoli / IBM Security IDM suite – Websphere Application Server, Message Queues, DB2, Tivoli Directory Integrator, Tivoli Directory Server, Adapter development tool
  • Proven hands on experience of designing and deploying identity solutions using IBM Tivoli’s stack
  • Custom code development in Java / Javascript for augmenting out of the box features
  • Good skills in programming and writing custom programs and scripts
  • Creating and modifying workflows for implementing business flows
  • Creating custom adapters and interfaces, utilizing APIs from IBM Tivoli / IBM Security
  • Experience of integrating a variety of user repositories, including databases, LDAP servers, Microsoft Active Directory and Exchange, UNIX, and enterprise services such as HR systems, Application Servers, CRM, etc.
  • Comfort with databases, operating systems and computer networks
  • Relevant certifications will be a plus
  • Travel will be needed. It can be both short term and long term.

Qualification & Experience:

  • Total experience: 3 - 7 years
  • Bachelor or Masters degree in Computer Science and Engineering or equivalent
  • Preferred Certifications – ITIM / ISIM Certified

Contact your Recruiter

Information security officer

Location: Gurgaon

 Qualities desired 

  • Should have a minimum of 5 years’ experience in information security specifically cyber security 
  • Must have undertaken the role of technology security specialist/manager in at least two projects with extensive policies on data security 
  • Should have expertise in the areas of application security and conduct of IT security testing programs  
  • Experience/strong understanding  of  Information  Security  -  policies  and procedures,  logical  and  physical  security,  anti-virus  management, vulnerability management  

 Qualification and Experience  

  • Graduate degree in Computer Science/Information Technology/Engineering  
  • Certificate in IT Risk Management/Information Security such as CISA, CISSP, GIAC etc.

Contact your Recruiter

Lead Consultant- Qradar

Location: Bangalore

Required skills and experience:

  • Overall 6+ years of relevant experience in Information Security /SIEM domain. (Primarily QRadar).
  • Strong implementation/governance experience in QRadar SIEM.
  • Ability to develop solution architecture design and implementation for security projects.
  • Familiarity with SIEM usecase management and SOC processes.
  • Skills to Install/configure/build/fine-tune the SIEM tool to setup an effective information security support / operations.
  • Establish KPI, review & manage security logs and provide reports based on KPI and metrics.
  • Hands-on knowledge of Correlation rules creation / Update / Deletion.
  • Ability to develop custom parsers for unsupported devices.
  • Excellent communication and customer interaction skills.
  • Familiarity of ITIL and ISO processes.
  • Willingness to relocate anywhere in India or abroad as per the business requirements.
  • Being flexible to work in 24*7 environment as per the business needs.

Qualification:

  • Any Graduate (preferably Engineer, MCA).
  • QRadar SIEM product certification is desirable.
  • Any of the following certifications Cisco – CCNA, CCNA – Security, CCNP – Intrusion Prevention System, ECSA (Certified Security Analyst), CEH.

 Contact your Recruiter

Security Operation Centre L3

Location: Kuwait

Scope of the project:

  • QRadar hands on implementation experience.
  • QRadar device integration, correlation rules, reports creation.
  • Uecase development and implementation.
  • Ongoing QRadar operations and support.
  • Drive ongoing SOC operations and governance
  • Client/partner handling role.

Required Skills

  • Qradar Implementation, SOC L3 experience is a must
  • Need to have familiarity with at least 2 SIEM tools (one necessarily being QRadar)
  • Proven track record and experience of setting up and running SOC (preferably using QRadar)
  • Responsible for smooth and efficient SOC operation
  • Overall responsibility of ensuring quality service delivery and meeting the defined SLA
  • Reporting, metrics measurement and continuous improvement
  • Manage shifts and roster; SOC team management
  • Review changes to the process / procedures / formats and approve the same
  • Recommending the annual training calendar for all SOC team members
  • Responsible for identifying resource requirements and recommending the same to the IT Security committee
  • Periodic review with steering committee
  • Need to have excellent communication skills and client handling experience to ensure client satisfaction
  • Approximate years of experience: 6+ years and team management experience.

Apart from the specific skills/responsibilities listed above, it is preferable to have following skills:

  • Network security, experience working with IPS/IDS
  • Patch management skills
  • Antivirus management and malware detection skills
  • Well versed working with at least 2 Operating systems (e.g. Windows, Linux)

  Contact your Recruiter

Lead Security Architect

Location- Mumbai

Job Description

The IT Security Architecture (SecArch) team is part of the Technology Infrastructure Risk (TIR) organization. The mission of the SecArch team is to provide security assessments of technology systems and processes to identify business risks and recommend remedial action based on established security standards or security best practices. The IT Security Generalist (Integrator) is an internal consultant that is working on multiple security architecture and design assessments. The Integrator works with team members (IT, Business, Suppliers, Stakeholders and Partners) globally to perform SecArch assessments. To be successful as an Integrator the candidate must have broad technology experience coupled with strong communication, influencing and time management skills.

An Integrator has the following responsibilities:
1. Lead SecArch deep dives with the requestor of the assessment
2. Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:
a. AAA – Authentication, Authorization, Auditing
b. Application Security – Session Security, Vulnerability/Pen Testing items, Input Validation
c. Secure data transport and storage
3. Periodically review security reference architecture (security blueprints) and conduct updates/enhancements
4. Participate in various Operational and Technology Risk governance processes
5. Assist in identifying new areas and opportunities of technology investment for the firm

Skills and Experience

Soft Skills (Required)
1. Excellent communication skills: written, oral, presentation, listening
2. Ability to influence through factual reasoning
3. Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking
4. Strong focus on delivery when presented with short timelines and increased involvement from senior management
5. Ability to adjust communication of technology risks vs business risks based on the audience

Security Architecture Skills
1. Required – In depth knowledge of application, network and platform security vulnerabilities. Ability to explain these vulnerabilities to developers
2. Required – Experience in conducting Information Security, IT Security, Audit assessments. Presenting the outcomes of the assessment and obtaining buy in.
3. Required – Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
4. Required – The candidate must have working experience in the following application/network security domains:
a. Authentication: SAML, SiteMinder, Kerberos, OpenId
b. Entitlements and identity management
c. Data protection, data leakage prevention and secure data transfer and storage
d. App Security - validation checking, software attack methodologies
e. Cryptography – encryption and hashing
5. Desired – Knowledge of standard network model and the risks that present at each layer, the functions of network equipment such as switches, routers, firewalls, proxies, vpn, and load-balancers, and to understand network architecture.
6. Desired - The candidate must have working knowledge of the primary operating systems (Unix, Windows, z/OS, Mac OS), the configuration and management of that platform at an enterprise scale, the security risks to that platform, and how to mitigate those risks.
7. Desired - experience in testing tools, at least one of Veracode, Fortify, OunceLabs, AppScan, WebInspect, Burp

Development Experience

1. Required – Even though the SecArch Integrator role is not a development role, the candidate must have previous background in programming, design and application architecture.
2. Required – In order to be a practical SecArch Integrator the candidate must have experience implementing complex applications in an enterprise environment.
3. Required – working knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby
4. Desired – In-depth knowledge of web technologies such as Web Browsers, Web Servers, Web Services

Other Areas of Expertise

1. Frameworks, protocols and subsystems: J2EE, .NET, Spring, RPC, SOAP, MQSeries, JMS, RMI, JMX, Hibernate.
2. Knowledge of JSP /Servlet/EJB or ASP.NET, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex / Silverlight.
3. Database design and programming experience
4. Experience of liaising with 3rd Party Entities (exchanges, suppliers, regulators)
5. Experience in conducting and / or reviewing penetration tests, dynamic vulnerability assessments and static vulnerability assessments
6. Understanding of geographic regulations and their impact on Security assessments
7. Previous experience in Financial Services is preferred
8. CISSP or other industry qualification
9. Desired – experience working with global organizations

Educational Requirements

Bachelor’s Degree with minimum 5 years relevant work experience in high-paced, enterprise environment

Contact your Recruiter

Consultant/ Senior Consultant- IGI/ Crossidea

Location: Bangalore

Role Description:

  • Work independently or as part of geographically spread teams to design and deploy identity management solutions using ISIM/ IGI and other products
  • Prepare solution design documents and requirement specifications
  • Understand the solution specifications and setup workflows, user interfaces, policies and reports as per solution requirements
  • Deploy ISIM/ IGI in various environments and configurations including high availability and failover
  • Interface with client teams for requirement formalization and deployment planning
  • Identify requirements and deliver custom development as and when needed
  • Build custom adapters using various methods
  • Work with principle vendor support teams to resolve product bugs and obtain product enhancements
  • Setup and execute proof of concept demonstrations
  • Assist in presales – understanding requirements, building approach notes, solution proposals, effort estimates
  • Additional responsibilities will include team mentoring, adherence to Aujas project monitoring/ management methodology

Desired qualities:

  • Excellent communication skills; written and spoken
  • Experience with other products like Sun, Oracle, CA, or other Tivoli products etc shall be appreciated, but excellent understanding of ISIM/ IGI is essential including understanding of policies, workflows, reconciliation, recertification and reports.
  • Sound understanding of all components in the IBM Tivoli / IBM Security IDM suite – Websphere Application Server, Message Queues, DB2, Tivoli Directory Integrator, Tivoli Directory Server, Adapter development tool
  • Proven hands on experience of designing and deploying identity solutions using IBM Tivoli’s stack
  • Custom code development in Java / Javascript for augmenting out of the box features
  • Good skills in programming and writing custom programs and scripts
  • Creating and modifying workflows for implementing business flows
  • Creating custom adapters and interfaces, utilizing APIs from IBM Tivoli / IBM Security
  • Experience of integrating a variety of user repositories, including databases, LDAP servers, Microsoft Active Directory and Exchange, UNIX, and enterprise services such as HR systems, Application Servers, CRM, etc.
  • Comfort with databases, operating systems and computer networks
  • Relevant certifications will be a plus
  • Travel will be needed. It can be both short term and long term.

 Contact your Recruiter