| Primary Responsibilities:
Perform audits for cloud security configurations
Write secure configuration guidelines for security devices and tools
Monitor and analyze security alerts/logs and information and escalating as needed.
Conduct penetration tests and vulnerability assessments
Analyze, respond to, and lead security incidents and breaches
Research and recommend IT Security solutions as needed
Manage 3rd-party security assessments
Respond to RFPs and customer’s questionnaires
Produce security reports pertaining to vulnerability metrics found in testing efforts
Report on the status of remediation work related to the implementation, change, retirement or upgrade of IT Security and DR controls and processes.
Requirements:
Minimum of 2-3 years of work experience in Information Security
Strong technical understanding of IT, to be able to validate that an environment meets all security and compliance controls
Proven experience in one or more of the following:
*SaaS, PaaS, and IaaS technologies including security architecture design and implementations
*AWS security implementations using IAM, KMS, Trusted Advisor, Security Groups, NACL
*Monitoring the AWS applications using Cloud Trail, Cloud Watch, Config
*Web Services, SOA Architecture, Application Security Firewalls, XML Firewalls, and IDS technologies
*Containers and Micro Services such as Docker and Kubernetes
Familiarity with secure configurations for Microsoft Windows, Linux and macOS
Strong verbal, reading and writing in English
Advantages:
Certifications, such as CISSP, CEH, GCFE, GPEN, GWAPT, CompTIA security
Experience with SIEM and Log management (Splunk, Syslog, Events Logs, ELK, etc.)
Hands-on experience with tools like Nessus, Wireshark, Next Generation AV tools, EDR |
