Cogoport Story
Cogoport is on a mission to bridge the $3.4 trillion Trade Knowledge and Execution Gap, empowering businesses worldwide by simplifying global trade. As a leading Global Trade Platform, we help companies connect with trade partners, optimize logistics, and improve cash flow. Recognized as an Asia-Pacific High-Growth Company (Financial Times) and an Indian Growth Champion (Economic Times), we are expanding across India, China, Vietnam, Singapore, Thailand, and Indonesia.
Why Join Us?
At Cogoport, you'll work with some of the brightest minds in the industry, driving digital transformation in logistics. We foster an entrepreneurial culture, where innovation, impact, and career growth go hand in hand.
Role Overview:
We are looking for a skilled Information Security Engineer (SDE-2) to strengthen our security posture and protect our applications, data, and infrastructure from cyber threats. The ideal candidate will play a key role in implementing security best practices, conducting risk assessments, and ensuring compliance with industry standards.
Responsibilities:
Design, implement, and maintain robust security controls for applications, networks, and cloud infrastructure.
Conduct vulnerability assessments, penetration testing, and risk analysis to identify security gaps.
Develop and enforce secure coding practices for software development teams.
Implement IAM (Identity & Access Management) policies and security monitoring solutions.
Ensure compliance with security frameworks such as ISO 27001, SOC 2, GDPR, and NIST.
Work closely with DevOps teams to integrate security into CI/CD pipelines.
Monitor, analyze, and respond to security incidents and threats.
Conduct threat modeling and security awareness training for engineering teams.
Automate security processes using scripting (Python, Bash, etc.).
Collaborate with cross-functional teams to ensure secure architecture design.
Requirements:
Required Skills & Qualifications:
3+ years of experience in information security, cybersecurity, or security engineering.
Strong knowledge of application security, cloud security (AWS/GCP/Azure), and network security.
Experience with SIEM solutions, log analysis, and intrusion detection/prevention systems.
Hands-on experience with secure coding practices in programming languages like Java, Python, or Go.
Proficiency in security testing tools such as Burp Suite, Metasploit, OWASP ZAP, Nessus, and Wireshark.
Understanding of encryption, authentication protocols, and PKI.
Experience in DevSecOps and securing CI/CD pipelines.
Strong knowledge of firewalls, VPNs, IDS/IPS, and endpoint security solutions.
Hands-on experience with security automation and scripting.
Excellent problem-solving skills and the ability to work in a fast-paced environment.
Preferred Skills (Good to Have):
Certifications such as CISSP, CEH, OSCP, or CISM.
Knowledge of container security (Docker, Kubernetes security best practices).
Experience with zero-trust architecture and security frameworks.
Understanding of forensics, incident response, and malware analysis.
Exposure to blockchain security and API security.