Responsibilities

  • Serve as a Subject Matter Expert (SME) for security technologies, supporting high-visibility needs of the business in a variety of special projects. These unique projects often involve expedited deliverables and operational agility, and require top-quality deliverables covering both the consulting and operations functions
  • Investigate any security incidents and provide insights to internal/external business users
  • Develop processes and procedures and fine-tune alerts as part of the ongoing improvement of security operations
  • Develop cloud/hybrid and cloud platform-specific security policies, standards, and procedures on cloud providers (Azure, AWS) and cloud-native platforms (PCF, Docker, Kubernetes, etc.)
  • Identify and deliver appropriate cloud security controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud-native threats
  • Conduct integration of supported cloud-based security products such as Web Application Firewall (WAF), Web Security Proxy, etc.
  • Conduct detailed and comprehensive investigations and triage on a wide variety of security events
  • Recommend and implement remediation processes
  • Stay up-to-date with the latest security threats, vulnerabilities, and mitigation techniques
  • Collaborate with cross-functional teams to implement security measures and address security requirements
  • Communicate security risks, recommendations, and status updates to stakeholders, management, and team members
  • Identify opportunities to improve processes and/or tools to ensure the highest level of quality, including documentation, mentoring, and training sessions
  • Own the technical components of a customer integration project including but not limited to configuration, debugging, documentation, testing, and go-live support
  • Identify and mitigate potential security threats and vulnerabilities
  • Provide relevant recommendations to improve the overall security posture of customers
  • Deploy security technologies while ensuring standards are adhered to, and supervise maintenance and repair, working with vendor support teams on corrective activities for system issues
  • Assist in any ad-hoc tasks when necessary

Requirements

  • Over 5 years of experience in Information Security or engineering
  • At least 2 years of direct experience in one of the Public Cloud platforms, such as AWS or Azure with strong knowledge of their security features
  • Ability to identify and drive remediation of public and hybrid cloud risks
  • Experience in general security technologies, processes, and concepts
  • Industry-recognized security certifications (OSCP, CISSP, CISA, CEH, AWS Security, etc.)
  • Working experience with SIEM / Analytics tools, e.g. Securonix, Sentinel
  • Working experience with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, etc.
  • Strong analytical and problem-solving skills, with the ability to identify and address security risks and vulnerabilities
  • Working knowledge of security systems and programs
  • Ability to analyze and develop innovative recommendations and solutions
  • Sound fundamental knowledge of Internet technologies, such as TCP/IP, HTTP, SSL, DNS, OWASP Top10, and web servers (e.g. Apache, IIS, Nginx, etc.)
  • Experience with web security concepts and technologies such as web application firewalls and proxies
  • Familiarity with AWS technologies, such as CodePipeline, CodeBuild, CodeDeploy, CodeStar, Guardrails, Amazon ECS, and AWS Lambda, and open-source tools like Jenkins, DefectDojo, and OWASP Glue will be an added advantage
  • Excellent verbal and written communication skills
  • Independent and results-oriented
  • Willing to work on a flexible schedule depending on business needs


Shortlisted candidates will be offered 1-year agency contract employment.