Level: Lead/Sr. Lead/Assistant Manager
Location: Gurgaon (Remote)
Reporting to: Head of Cyber Defense, based in India
Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries.
Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners.
- Fareportal is the number 1 privately held online travel company in flight volume.
- Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide.
- 2019 annual sales exceeded $5 billion.
- Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites.
- Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City.
Job Description and Responsibilities:
- Work with DevOps team to secure end-to-end image/container lifecycle from image build to production deployment
- Work with container scanning and monitoring tools such as KubeHunter, Falco and KubeBench
- Experience in working with cloud native security tools for AWS and Azure
- Identify security control gaps in existing cloud environment and provide recommendations to improve cloud security posture across multiple cloud providers
- Work with Engineering and Application teams to remediate the gaps and devise solution for continuous posture assessment and monitoring of the environment
- Guide and support various teams to secure microservices, Application Programming Interfaces (APIs), secrets and sensitive information within applications
- Lead investigations related to security incidents and coordinate with relevant teams to triage, prioritize and respond to the incidents
- Perform threat hunting by continuously monitoring emerging threats and vulnerabilities and proactively identify and mitigate such threats within the organization
- Evaluate threat intelligence sources related to cyber-attacks, exploit kits and malware to determine organizational risk and improve defensive measures
- Hands-on experience in container framework such as Kubernetes and Docker
- Good understanding of cloud security principles
- Understanding of DevOps principles, tools and the intersection with cloud architecture
- Good understanding of incident response lifecyle
- Strong troubleshooting and problem-solving skills
- Awareness of cybersecurity trends and emerging threats
- Good communication and persuasive skills
- Lead and motivate team members
- Good project planning and documentation skills
- Ability to drive and execute projects end-to-end
- Team Building skills – Knowledge sharing, training, motivating and development of team members
- BS/MS/BE/BTech/MBA in technology-related or information security curriculum
- Required 4-7 years of relevant experience in Information Security
- CEH, OSCP, CISSP or similar relevant Information Security certifications is preferred
- Ability to work 24X7 and travel to US or domestic as needed. Able to support during US business hours
- Ability to jump on incidents when required in order to remove active threats against the company