Lead / Senior - Enterprise Security

  • Bengaluru
  • Razorpay
The Enterprise Security Engineer will be responsible for designing, implementing, and maintaining robust security measures specifically for Razorpay's Enterprise IT tools and systems. You will proactively identify and mitigate potential threats, conduct vulnerability assessments and incident response related to these tools, ensuring that they remain resilient against evolving cyberattacks. You will also play a key role in designing and evaluating secure IT architectures and access control mechanisms.

Key Responsibilities:

Security Architecture:
  • Design and implement security solutions tailored to Razorpay's Enterprise IT tool ecosystem.
  • Continuously monitor and analyze security threats, vulnerabilities, and risks specific to Enterprise IT tools.
  • Develop strategies to proactively mitigate potential attacks.

Risk Assessment and Mitigation:
  • Conduct regular risk assessments to identify and evaluate potential compliance risks.
  • Develop and implement effective risk mitigation strategies.
  • Monitor and report on the effectiveness of risk mitigation measures.

Policy and Procedure Development:
  • Create and maintain clear and concise policies, procedures, and standards for IT compliance.
  • Ensure that policies and procedures are communicated and understood across the organization.

Enterprise IT Security Architecture:
  • Review and evaluate secure network architectures, including segmentation, firewalls, and intrusion detection/prevention systems (IDS/IPS).
  • Review and evaluate secure CI/CD pipelines that incorporate automated security testing and compliance checks.
  • Implement and manage encryption solutions for data at rest and in transit.

Access Control and Identity Management:
  • Co-partner and manage robust Identity and Access Management (IAM) solutions, including multi-factor authentication (MFA) and role-based access control (RBAC).
  • Develop and maintain privileged access management (PAM) systems and processes.
  • Co-partner and manage Single Sign-On (SSO) solutions across the organization's technology stack.

Compliance Automation:
  • Develop scripts and tools to automate compliance checks and generate reports for PCI DSS, SOC 2, and other relevant standards.
  • Implement continuous compliance monitoring using infrastructure-as-code and policy-as-code approaches.
  • Integrate compliance requirements into our DevOps workflows and CI/CD pipelines.
  • Develop custom rules and policies within the compliance monitoring tool to address Razorpay-specific requirements.
  • Integrate the compliance monitoring tool with our existing security and IT infrastructure, including SIEM, vulnerability scanners, and asset management systems.
  • Create dashboards and reports that provide real-time visibility into our compliance posture.

Incident Response:
  • Develop and maintain an incident response plan for security and compliance incidents.
  • Lead incident response efforts, ensuring timely and effective resolution.

Collaboration:
  • Collaborate with IT, security, legal, and other relevant teams to ensure compliance integration into daily operations.
  • Build strong relationships with internal and external stakeholders, including auditors and regulators.

Qualifications and Skills:
  • Bachelor's or Master's degree in Computer Science, Information Systems, or a related field.
  • 6-10 years of experience in IT compliance, security, or risk management roles.
  • Deep understanding of network protocols, OSI model, and common attack vectors.
  • Good to possess relevant IT certifications such as CISSP, CISM.
  • Good understanding of PCI DSS, SOC 2, and other relevant regulatory frameworks.
  • Proven experience in developing and implementing IT compliance programs.
  • Hands-on experience with IT tools such as access management systems (e.g., Okta, Azure AD), software asset management (SAM) solutions, and vulnerability scanners.
  • Excellent analytical, problem-solving, and risk-assessment skills.
  • Strong written and verbal communication skills, including the ability to communicate complex technical concepts to non-technical audiences.