Sr. Information Security Engineer

Information Technology Pune, India

Powering Performance Marketplaces in Digital Media

 

QuinStreet is a pioneer in powering decentralized online marketplaces that match searchers and “research and compare” consumers with brands. We run these virtual- and private-label marketplaces in one of the nation’s largest media networks.

 

Our industry leading segmentation and AI-driven matching technologies help consumers find better solutions and brands faster. They allow brands to target and reach in-market customer prospects with pinpoint segment-by-segment accuracy, and to pay only for performance results.

Our campaign-results-driven matching decision engines and optimization algorithms are built from over 20 years and billions of dollars of online media experience.

 

We believe in:

  • The direct measurability of digital media.
  • Performance marketing. (We pioneered it.)
  • The advantages of technology.

 

We bring all this together to deliver truly great results for consumers and brands in the world’s biggest channel.

Security Operations Engineer 

QuinStreet is looking to hire an accomplished Information Security Engineer to join our Security Team reporting into the Vice President of Information Security. The successful candidate will focus on operational processes surrounding vulnerability assessment/management, event monitoring/correlation, intrusion detection, investigations, security awareness, incident response, data lost prevention, etc.

                                                            

Job Responsibilities:

 

  • Conducts in-house penetration testing and code-reviews of prosper applications and platform.
  • Conduct web application security scans, analyze results for false positives, prioritize vulnerabilities, and research and propose remediation steps.​
  • Conduct regular security assessments of internally developed applications.
  • Asset identification, network discovery, and software inventory
  • Analysis of hacking, penetration and defense threats
  • Perform post mortem analysis on logs, traffic flows, and other activities to identify malicious activity.
  • Create automated tests to encourage and enforce security standards.
  • Develop response procedures for addressing potential security threats
  • Monitor and respond to SIEM alerts.
  • Prepare, Review, analyze and acknowledge daily / weekly / monthly security reports.

Qualifications

 

  • Hands-on experience using a major Enterprise Web Scanning Tool: e.g., HP WebInspect, IBM, Veracode, Acunetix, Cenzic, or QualysGuard
  • Be familiar or efficiently administer/monitor (hands on) various IT and security tools such as: Qualys, AV(Symantec 11-12), Imperva WAF,  DLP (Websense / Symantec), Tripwire, Nitro SIEM, Malware detection, IDS/IPS, Forescout, SSL VPN, Cisco and Palo Alto Firewalls, and other security tools (or equivalent security tools).
  • Familiar with vulnerability assessment, confirmation, and validation tools, processes, methodologies, and strategies, including static and dynamic analysis tools/techniques
  • Familiar with vulnerability reporting, tracking, management, and remediation processes, methodologies, and strategies
  • Familiar with host and vulnerability discovery strategies, processes, and best practices
  • Experience with Penetration Testing
  • Experience with modern Web Application Framework (Java/Rails/.Net) required, .Net Framework 3.0 – 4.0, ASP.NET, ASP.Net MVC desirable, NHibernate, IoC based Framework, AOP Framework, Web Services (SOAP/WSDL or ReST/WADL), WCF desirable
  • Knowledge of Security Flaws and its Resolution as listed in sites like OWASP, SANS, etc.
  • General IT security best practices knowledge that include Firewalling, Server Hardening, Web Content Filtering, Vulnerability Scanning, and Endpoint Protection (antivirus, disk encryption, host intrusion prevention, etc.).

QuinStreet is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, national origin, pregnancy status, sex, age, marital status, disability, sexual orientation, gender identity or any other characteristics protected by law.