Cyber Security Engineer, eCommerce SecOps
Adobe
Noida, Uttar Pradesh, India
Our Company Changing the world through digital experiences is what Adobe is all about. We provide individuals, ranging from emerging artists to global brands, with the tools they need to design and deliver exceptional digital experiences. Our passion lies in empowering people to create appealing and powerful images, videos, and apps, as well as redefining how companies engage with customers across all screens. Our company is dedicated to hiring the best talent and ensuring exceptional employee experiences where everyone is respected and given equal opportunities. We believe that innovative ideas can originate from any level within the organization, and we recognise that the next ground-breaking idea could come from you! The Opportunity At Adobe Commerce (formerly Magento), a rapidly growing e-commerce company, we are currently searching for a Cyber Security Engineer to join our team in an SRE SecOps role. You will be responsible for building and maintaining security controls within SRE processes, improving security reviews of infrastructure and applications, and supporting vulnerability management processes. Your expertise will play a meaningful role in quickly identifying breach attempts, containing, and eradicating threats, streamlining security incident response processes, and driving continuous improvement based on threat intelligence. What you'll Do Triage security alerts, lead incident response efforts, and maintain comprehensive documentation. Develop and own solutions to identify breach attempts, contain threats, and eradicate them effectively. Streamline security incident response processes and collaborate with the stakeholders to make informed decisions based on threat intelligence. Establish metrics that demonstrate continuous improvement of Security Operations capabilities and implement proposed strategies for improvements. Collaborate with the SRE/Tier 3 Dev team to integrate security practices into the development, deployment, and maintenance. Conduct regular security assessments, vulnerability scanning, and penetration testing to proactively identify and address potential security risks. Monitor and analyse security logs, alerts, and events to detect and respond to security incidents in a timely manner. Stay up to date with the latest cyber security threats, vulnerabilities, and industry trends to proactively address potential risks. Develop, update, and implement security policies, procedures, and standards to ensure compliance with regulatory requirements and industry-standard methodologies. Collaborate with multi-functional teams, such as engineering, operations, and compliance, to implement security controls and effectively resolve security-related issues. Conduct comprehensive security training and awareness programs to educate employees on cybersecurity standard methodologies. Participate in incident response activities, including investigations, root cause analysis, and remediation efforts. Provide authority guidance and recommendations on security architecture, designs, and configurations for new systems and infrastructure. Assist in the evaluation, selection, and implementation of security tools and technologies. Build and maintain capabilities to secure Web Application Firewall (WAF), Bots protection, API, Data, VMs, and Networks. Implement detailed process management to ensure audit trails of activities are reviewed and aligned with policy and audit requirements. Coordinate compliance audits and provide assistance to auditing teams with automation and evidence collection. Actively participate in architecture and design reviews to identify and mitigate security and privacy risks. Create and enforce infrastructure hardening standards to minimize attack vectors. Use Python for security-related tasks, such as automation and analysis. Demonstrate exceptional problem-solving capabilities, work both independently and cross-functionally with teams, and possess superb communication skills to successfully connect with collaborators. What you need to succeed Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field. Proven experience as a Cyber Security Expert or a similar role, preferably within a large-scale, distributed systems environment. In-depth knowledge of cyber security principles, technologies, and best practices, including network security, application security, data protection, and incident response. Familiarity with cloud computing platforms (e.g., AWS, Azure, GCP) and their respective security controls. Strong understanding of security frameworks, such as NIST, ISO 27001, or CIS Controls. Experience with vulnerability scanning tools, penetration testing methodologies, and security assessment techniques. Proficiency in scripting or programming languages (e.g., Python, Bash) for automating security tasks and analysis. Experience of PHP7,8 (including debugging and profiling) and Magento (Adobe Commerce) framework is a huge plus. Excellent problem-solving and analytical skills with the ability to identify, analyze, and resolve sophisticated security issues. Experience with SQL Databases (MySQL), DB architecture, profiling, and optimization of queries would be a plus. Strong communication and collaboration skills to optimally work with multi-functional teams and communicate sophisticated security concepts to non-technical stakeholders. Relevant industry certifications (e.g., CISSP, CISM, CEH) are highly desirable. Intellectual curiosity and a continuous learning mentality. Strong desire to work in a dynamic and fast-paced environment. Willingness to participate in an on-call pager rotation. Working closely with the North American customer in their time zone (working hours would be EDT/EST as for North Americas).