Serve as a Subject Matter Expert (SME) for security technologies, supporting high-visibility needs of the business in a variety of special projects. These unique projects often involve expedited deliverables and operational agility, and require top-quality deliverables covering both the consulting and operations functions.
Investigate any security incidents and provide insights to internal/external business users.
Develop processes and procedures and fine-tune alerts as part of the ongoing improvement of security operations.
Develop cloud/hybrid and cloud platform-specific security policies, standards, and procedures on cloud providers (Azure, AWS) and cloud-native platforms (PCF, Docker, Kubernetes, etc.)
Identify and deliver appropriate cloud security controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud-native threats
Conduct integration of supported Cloud-based Security Products such as Web Application Firewall (WAF), Web Security Proxy, etc.
Conduct detailed & comprehensive investigations and triage on a wide variety of security events.
Recommend and implement remediation processes.
Stay up-to-date with the latest security threats, vulnerabilities, and mitigation techniques
Collaborate with cross-functional teams to implement security measures and address security requirements.
Communicate security risks, recommendations, and status updates to stakeholders, management, and team members.
Identify opportunities to improve processes and/or tools to ensure the highest level of quality, including documentation, mentoring, and training sessions.
Own the technical components of a customer integration project including but not limited to configuration, debugging, documentation, testing, and go-live support.
Identify and mitigate potential security threats and vulnerabilities
Provide relevant recommendations to improve the overall security posture of customers.
Deploy security technologies while ensuring standards are adhered to, and supervise maintenance and repair, working with vendor support teams on corrective activities for system issues.
Assist in any ad-hoc tasks when necessary.
Requirements
Over 5 years of experience in Information Security or engineering.
At least 2 years of direct experience in one of the Public Cloud platforms, such as AWS or Azure with strong knowledge of their security features.
Ability to identify and drive remediation of public and hybrid cloud risks
Experience in general security technologies, processes, and concepts.
Working experience with SIEM/analytics tools, e.g. Securonix, Sentinel.
Working experience with common security operations systems: Intrusion Detection/Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) systems, anti-virus log collection systems, etc.
Strong analytical and problem-solving skills, with the ability to identify and address security risks and vulnerabilities
Working knowledge of security systems and programs
Ability to analyze and develop innovative recommendations and solutions.
Sound fundamental knowledge of Internet technologies, such as TCP/IP, HTTP, SSL, DNS, OWASP Top10, and web servers (e.g. Apache, IIS, Nginx, etc.).
Experience with web security concepts and technologies such as web application firewalls and proxies.
Familiarity with AWS technologies, such as CodePipeline, CodeBuild, CodeDeploy, CodeStar, Guardrails, Amazon ECS, and AWS Lambda, and open-source tools like Jenkins, DefectDojo, and OWASP Glue will be an added advantage.
Excellent verbal and written communication skills
Independent and results-oriented
Willing to work on a flexible schedule depending on business needs.
Shortlisted candidates will be offered a 1-year agency contract.