Overview

CACTUS is a remote-first organization and we embrace an accelerate from anywhere culture. You may be required to travel to our Mumbai office based on business requirements or for company/team events.

The DevOps team seeks an Information Security & Compliance Engineer (Intern) responsible for conducting initial-level Information Security regular audits, ensuring compliance with cyber security laws and regulations, and establishing compliance across various web properties, verticals, and teams. The ideal candidate will manage multiple projects and tasks concurrently. As a member of our DevOps team,
you will closely collaborate with Editage, Researcher Life, Cactus Lab, ISMS, and Legal departments. 

Responsibilities

• Management and periodic review of access controls.
• Periodic review of DB, VPN, Jira, Confluence, and Git Repository across teams.
• Revoking access for departing employees.
• Periodic review of implemented compliances.
• Conducting UAT for smaller projects.
• Following up on technology-related projects and providing status updates.
• Conducting internal VAPT on websites.
• Regular review of security protocols.
• Periodic review of Data Privacy Impact Analysis.
• Responding to security questionnaires from potential and existing clients.
• Assisting ISMS in ISO 27001 Information security audits.

Qualifications and Prerequisites

• Understanding of Information Security Principles.
• Knowledge of application security.
• Familiarity with OWASP Top 10 Vulnerabilities.
• Proficiency in technologies such as HTML, Scripting Languages, SQL, and Basic Unix commands.
• Understanding of basic networking concepts including protocols, ports, TLS, HTTP, and HTTPS.
• Knowledge of Personal Data Privacy Laws such as GDPR and PECR.
• Familiarity with tools like ZAP and BurpSuite is desirable.
• Basic understanding of AWS Cloud.
• Willingness to learn and accomplish tasks efficiently.