Principal Engineer, Cyber Risk Consulting

👋🏼We're Nagarro, we are a Digital Product Engineering company that is scaling in a big way! We build products, services, and experiences that inspire, excite, and delight. We work at scale — across all devices and digital , and our people exist everywhere in the world (18000+ experts across 36 countries, to be exact). Our work culture is dynamic and non-hierarchical. We're looking for great new colleagues. That's where you come in.

REQUIREMENTS:

• Total experience 13+ years.
• Extensive knowledge and experience in Cyber Risk Consulting and Security Assessment.
• Proficiency in Security Testing (VAPT), Risk Frameworks, Threat Modelling, SOC, and Security Training.
• Hands-on experience in offensive and/or defensive cyber security disciplines like penetration testing, incident handling, SOAR tools, threat hunting, and vulnerability management.
• Knowledge of key cyber security concepts: risk management, security architecture, data protection, network security, IAM, and asset management.
• Experience with cloud technologies (GCP, AWS, Azure)
• Pre-sales support, including responses to RFPs and client management.
• Technical consulting in building solutions for complex security challenges.
• Building and delivering technical presentations.
• Certification- ISO 27001 Implementer, CISSP, OSCP, or similar.
• Proven experience in troubleshooting and resolving complex integration issues.
• Strong collaboration skills to work effectively with business units and cross-functional teams.

RESPONSIBILITIES:

• Understand client business use cases and technical requirements, translating them into comprehensive technical designs that align with client needs.
• Map decisions to requirements and effectively communicate technical solutions to developers.
• Identify multiple solution options, evaluate them, and recommend the most suitable one based on the client's requirements.
• Conduct thorough security assessments of client infrastructures, identifying risks and proposing actionable mitigation strategies.
• Lead security testing processes, including Vulnerability Assessment and Penetration Testing (VAPT), Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and other security scans.
• Deploy and manage advanced security measures such as firewalls, intrusion detection systems, and encryption technologies.
• Continuously monitor systems and networks for threats, integrating multiple data sources for centralized monitoring and proactive threat detection.
• Define guidelines and benchmarks for Non-Functional Requirements (NFR) during project implementation.
• Write and review design documentation that explains the overall architecture, framework, and high-level design for developers.
• Review architecture and design for key attributes like scalability, security, extensibility, user experience, and adherence to design patterns and best practices.
• Develop and design solutions for functional and non-functional requirements, selecting appropriate technologies, patterns, and frameworks.
• Conduct Proof of Concepts (POCs) to validate that proposed designs and technologies meet project requirements.

Bachelor’s or master’s degree in computer science, Information Technology, or a related field.