Security Engineering Expert
- Baner, Pune, Maharashtra, India
PubMatic is a digital advertising technology company for premium content creators. The PubMatic platform empowers independent app developers and publishers to control and maximize their digital advertising businesses. PubMatic’s publisher-first approach enables advertisers to maximize ROI by reaching and engaging their target audiences in brand-safe, premium environments across ad formats and devices. Since 2006, PubMatic has created an efficient, global infrastructure and remains at the forefront of programmatic innovation. Headquartered in Redwood City, California, PubMatic operates 13 offices and nine data centers worldwide.
We create and optimize solutions for a rapidly growing mature Adtech business on a global scale. We work with distributed infrastructure, petabytes of data, and billions of transactions with no limitations on your creativity. You don’t have to always wait for an architect or manager to tell you what to work-on, you will decide your priorities! Our tech hubs are in Redwood City and Pune.
Within the Adtech environment, you have a deep understanding of the complex nature of security spanning infrastructure, applications and IT. You feel comfortable understanding security in the context of infrastructure, applications (java, open source tools). Does not hesitate digging into code to understand the subtle and obscure problems that can arise due to security vulnerabilities in the environment. You work with people, technical and non-technical alike, to understand security posture needed to help them understand, implement changes to address them. You're a company resource, providing best practices, guidelines, and feedback around security. You have your finger on the pulse of security across the Ad platform internally as well as from what happens externally.
You have a cool head under pressure. When a technical fire occurs, you understand that putting it out should always avoid collateral damage. When you cause a fire (as everyone inevitably does), you take responsibility for it and work with the team to figure out the right way to put that fire out. You believe blaming is a waste of time: when something goes wrong, you figure out why it happened and how to prevent it from happening again in the future. Better yet, you look for how things went right in the first place and improve upon those.
As a member of security team, you seek out feedback on your findings, designs and ideas and provide the same to others. You constantly ask 'What am I missing?' and 'How will this NOT work?' You don't shy away from what you don't know; you readily admit that you don't know everything, and use every resource available within and outside the company to learn what you need to know.
- Work closely with users, Network, Systems, CorpIT, Database, Big Data, Engineering and business teams to identify and resolve complex security issues
- Design, recommend, and implement security improvements by evaluating current systems and procedures, researching trends, and anticipating requirements
- Protect systems by defining access privileges, control structures, and resources
- Identify abnormalities, flag problems, and report violations
- Perform periodic system penetration testing
- Perform analysis and correlation of security events from multiple sources including but not limited to events from AV, network and host based intrusion detection systems, firewall logs, system logs (Linux, Windows, Mac), Domain Controller Logs and artifacts in hosted and collocated environments
- Perform regular vulnerability scans of environment and recommend prioritized remediation of vulnerabilities found
- Evaluate, recommend and lead the effort to implement a Data Loss Prevention solution
- Uncover security violations and inefficiencies by conducting and participating in IT audits
- Upgrade system by implementing and maintaining security controls
- Provide a quarterly report on the status of PubMatic physical, data, and application security; include recent improvements and future recommendations
- Create and update annual security strategy report
- Attend educational workshops and read industry publications to grow technical knowledge and stay current on trends as it pertains to AdTech environment
- Define, implement and maintain corporate security policies and procedures
- Acquire a complete understanding of a company’s technology and information systems
- Plan, research and design robust security architectures for any IT project
- Oversee security awareness programs and educational efforts
- Respond immediately to security-related incidents and provide a thorough post-event analysis
- Research security standards, security systems and authentication protocols
- 6 to 7+ years of IT and applications experience (3+ years of security experience preferred)
- Experience in Network Security, Information Security Policies, and Network Protocols
- Familiar with emerging technologies in the security monitoring, event correlation and alert/detection space
- Ability to correlate security events, system artifacts and IOCs and make accurate conclusions and timely remediation’s
- Exceptional customer service skills
- BE/BTech/BS/BCS/MCS/MCA in Computers or equivalent
- CISSP Certification
- GIAC Certifications (GSEC, GIAC, GMON, GCIH, GPEN, or GWAPT)
Coronavirus notice: PubMatic is actively working to ensure candidate and employee safety. Currently, all hiring and onboarding processes at PubMatic will be carried out remotely through virtual meetings until further notice.
Benefits: Our benefits package includes the best of what leading organizations provide, such as stock options, paternity/maternity leave, healthcare insurance, broadband reimbursement. As well, when we’re back in the office, we all benefit from a kitchen loaded with healthy snacks and drinks and catered lunches and much more!
Diversity and Inclusion: PubMatic is proud to be an equal opportunity employer; we don’t just value diversity, we promote and celebrate it. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.