5.0 - 10.0 years
7 - 11 Lacs
Bengaluru
Work from Office
The Group Security (GS) Cybersecurity Defense Center (CDC) team is looking for a Security Operations Center (SOC) Analyst, responsible for execution of incident response, investigative analysis of security incidents, reporting, continuous improvement, and post-incident activities. The analyst will work closely with the CDC Engineering Team, internal Nokia teams, external Security Suppliers, and various technology vendors. Group Security (GS) is part of Strategy & Technology and is Nokia's central knowledge center for Nokia's cybersecurity policies and standards, the cybersecurity architecture and roadmap, and the monitoring and alerting of security incidents.

You have:
5+ years of experience in a Security Operations Center (SOC) or similar role
2+ years of experience working with one or more of the following systems: Microsoft Sentinel, Microsoft Defender for Endpoint (MDE), Microsoft Defender for Identity (MDI), SentinelOne or Rapid7
Deep knowledge of incident response methodologies and forensic analysis techniques
Strong understanding of cloud security principles and experience with major cloud platforms (AWS, Azure, GCP)
Expertise in leveraging automation tools for enhancing security operations

It would be nice if you also had:
Certifications such as CompTIA Cybersecurity Analyst (CySA+), GIAC Certified Incident Handler (GCIH), or Certified SOC Analyst (CSA)
Mentoring experience with junior analysts

Execute complex security investigations using log analysis and threat intelligence across all Nokia assets
Collaborate with SOC Engineers to drive automation and implement AI-powered security solutions
Apply cloud security best practices and zero-trust architecture principles in security operations
Engage with senior stakeholders to communicate security risks and improve incident response efforts
Lead advanced threat hunting initiatives leveraging expertise in security tools and techniques
Contribute to the continuous development of SOC processes, technologies, and techniques for enhanced security
Mentor and guide junior analysts to foster a culture of learning and professional growth
Facilitate post-incident activities, ensuring comprehensive reporting and continuous improvement of security measures
Posted 1 week ago
4.0 - 9.0 years
6 - 8 Lacs
Pune
Work from Office
Senior Security Operations Analyst

We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats.

What you'll do:
Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging
Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities
Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real time
Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities
Perform proactive threat hunting to identify and mitigate advanced threats
Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation
Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats
Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership
Continuously improve SOC processes and playbooks to streamline operations and response efforts
Mentor junior SOC analysts and provide guidance on security best practices
This role requires participation in a rotational shift
Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed

What you'll bring:
Strong analytical and problem-solving abilities
Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams
Proven ability to remain calm and efficient in a high-pressure environment
Proficient in using SIEM tools, such as Microsoft Sentinel
Experience with data migration strategies across SIEM platforms
Experience with Cloud Security Operations and Incident Response platforms such as Wiz
In-depth understanding of cyber threats, vulnerabilities, and attack vectors
Proficient in creating KQL queries and custom alerts within Microsoft Sentinel
Expertise in developing SIEM use cases and detection rules
Skilled in incident response and management procedures
Experienced in conducting deep-dive investigations and root cause analysis for incidents
Adept at collaborating with stakeholders to resolve complex cybersecurity challenges
Ability to automate routine SOC processes to enhance operational efficiency
Experienced in mentoring and guiding junior analysts in security operations
Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools

Good to have skills and abilities:
Excellent interpersonal (self-motivational, organizational, personal project management) skills
Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System
Ability to analyze cyber threats to develop actionable intelligence
Skill in using data visualization tools to convey complex security information

Academic Qualifications:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management
Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks
Experience with SIEM migration
Expertise in incident response, threat detection, and security monitoring
Solid understanding of Windows, Linux, and cloud security concepts
Relevant certifications (e.g., CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred
Preferred Security Cloud Certifications: AWS Security Specialty
Posted 2 weeks ago
4.0 - 9.0 years
20 - 25 Lacs
Hyderabad
Work from Office
Minimum 3 years' experience working in a large-scale IT environment with a focus on Cyber / Information Security. Areas of expertise should include Pre-Sales support, Service & Solution delivery, and being part of program management (Transition & Transformation).

Required Candidate profile:
Knowledge in SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, UEBA.
Hands-on experience with leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, Sentinel.
Certification: CISSP
Posted 2 weeks ago
8 - 11 years
27 - 32 Lacs
Hyderabad
Work from Office
Position Summary:
Cigna Information Protection is looking for a Data Loss Prevention (DLP) Lead Analyst. The DLP Lead Analyst monitors user behavior-based cybersecurity events, controls the access and usage of classified data, provides senior technical support and expertise with Cloud/SaaS/CASB integration into the enterprise DLP solution, and serves as a point of escalation for Data Loss incidents. The ideal candidate will have excellent analytical and problem-solving skills, strong communication skills (written and verbal), and a strong technical skill set. The candidate should also have a good understanding of Insider Threat programs along with Gen AI knowledge/toolsets.

Job Description & Responsibilities:
Engineering level expertise to provide guidance and direction for Cloud/SaaS/CASB platforms in relation to data loss monitoring, automation, alerting, mitigating security incidents.
Provide recommendations for security improvements by assessing current DLP landscape, evaluating trends and products, and anticipating future requirements to reduce enterprise risk.
Develop and assist in engineering solutions for DLP related use cases related to automation involving SOAR and SIEM platforms.
Develop and maintain log query, offense rules, actionable alerts, and report creation in SIEM platform.
Identify, analyze, and verify Data Loss events related to email, web, endpoint channels.
Perform security analysis of network traffic data and report on threats for handoff and additional analysis.
Threat mitigation through immediate action utilizing enterprise security tools and outreach to partner teams to achieve containment.
Work within rotational schedule to ensure full coverage for event monitoring and security report review as needed.
Provide supporting evidence as needed to support Privacy Office investigations.
Assist in audit activities to provide evidence, address and remediate Findings.
Ensure process and procedure guides are up to date and accurate.
Follow enterprise Change Management workflows to ensure stable production implementation of enhancements.
Maintain and tune policies/rules within data loss tools to reduce risk to company.
Assist with metric collection for weekly/monthly management reporting requirements.
Support projects to assist in deployment, tuning and configuration of new technology as needed.
Support 24x7 on call for escalated security incidents on a rotational basis.
Perform other security duties as required.
Follow up and review cases until closure, which includes investigating and recommending appropriate corrective actions for cyber security incidents and communicating with the implementation staff responsible for taking corrective actions.
Manage and escalate Data Loss incidents to Senior Management for awareness and resolution in a timely manner.

Experience Required:
Overall 8 - 11 years of I.T. and/or information security experience
3+ years of experience using enterprise level DLP solutions

Experience Desired:
Scripting ability in Python and/or Perl and a deep understanding of command line tools such as grep and tcpdump
Industry recognized certification in cyber security such as GCIA, GCIH, CISSP or similar
Networking certifications (e.g. CCNA - Security, CCNP) and demonstrated practical experience
Linux knowledge a plus

Education and Training Required:
Bachelor's degree in Computer Science, Information Technology, or related field
Education and/or experience which is equivalent to the above

Primary Skills:
Strong understanding of Cloud Security concepts and CASB function.
Understanding of Insider Threat programs along with Gen AI knowledge.
Expertise with a variety of security tools such as CASB, Cloud proxy, Data Loss Prevention platforms, Security Information and Event Management (SIEM) system, email proxy systems, SOAR platforms.
Applied scripting expertise in PowerShell, VBScript, Python and strong understanding of Regex.
Strong understanding of infrastructure designs, including routing, firewall functionality, load balancing, and in-depth understanding of other network protocols.
Demonstrated experience with network and endpoint data loss prevention (DLP) tools.
Candidate will be required to utilize various security tools to monitor security risks in the Cigna internal network, create cases in case tracking tool and initiate investigation where warranted.

Additional Skills:
Demonstrated ability to work in a team environment.
Self-starter willing to take initiative to go beyond the ask.
Ability to effectively prioritize tasks and work independently with minimal daily management interaction.
Excellent written and verbal communication skills.
Strong judgment and leadership skills.
Ability to work effectively with clients and IT management and staff.
Ability to participate in customer and partner facing meetings and projects, including those that involve technical topics.
Strong analytical skills and inferential thinking.
Ability to create and document new processes/procedures and gain intra and inter team buy-in and acceptance.
Ability to operate and contribute effectively as a remote member of a global Information Protection team.
Posted 2 months ago
4 - 6 years
5 - 10 Lacs
Pune
Work from Office
Position: Senior Engineer-IT Security
Job Location: Pune, India

Role Overview/Your Impact:
We are looking for a highly skilled and detail-oriented Senior Engineer IT Security to join our Security Operations Center (SOC) team. As a Senior Engineer, you will be responsible for protecting the organization's IT infrastructure by monitoring, identifying, and responding to security threats or weaknesses and vulnerabilities. You will manage security tools for advanced analysis and investigation of security logs from various sources such as firewalls, intrusion detection/prevention systems (IDS/IPS), servers, applications, and other security devices. You will be expected to identify, investigate, and respond to security incidents, provide deep technical analysis, and work closely with other teams to improve the organization's overall security posture.

What does the team do?
The Security Operations Center (SOC) team plays a critical role in safeguarding an organization's IT infrastructure by actively monitoring, detecting, responding to, and mitigating cybersecurity threats in real time. This team's primary responsibility is to maintain a robust security posture, ensuring the integrity, confidentiality, and availability of systems, networks, and data.

What will you do?
Acknowledge, analyze, and validate incidents triggered by multiple security tools like IDS/IPS, Web Application Firewall, Firewalls, Endpoint Detection & Response tools, and events through SIEM solution.
Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
Collect the necessary logs that could help in incident containment and security investigation.
Escalate validated and confirmed incidents.
Understand the structure and the meaning of logs from different log sources such as F/W, IDS/IPS, WAF, Domain Controller, Cloudflare, XDR Solution, Microsoft Office 365 etc.
Open incidents in the ticketing platform to report the alarms triggered or threats detected.
Track and update incidents and requests based on updates and create root cause analysis.
Report on IT infrastructure issues to the IMS Team.
Work with vendors on security issues.

Log Analysis and Investigation:
Analyze large volumes of security logs from multiple sources (e.g., network devices, firewalls, IDS/IPS, SIEM tools, etc.) to identify potential security incidents, threats, and vulnerabilities.
Perform in-depth investigations of suspicious activities to identify the root cause and potential impact.
Prioritize and escalate incidents based on severity and risk.

Incident Response:
Lead the investigation and resolution of security incidents, coordinating with L1 and L2 teams as necessary.
Provide detailed analysis and actionable intelligence to stakeholders to guide remediation efforts.
Track incidents through to resolution and closure, ensuring all documentation is accurate and complete.
Maintain incident response procedures and SOPs.

Threat Intelligence Integration:
Use threat intelligence feeds and other external resources to enhance log analysis and identify emerging threats.
Correlate internal data with external threat intelligence to identify new attack vectors and trends.

Tools & Technologies:
Utilize SIEM tools (e.g., LogRhythm) to perform advanced log searches, filtering and correlation.
Work with other SOC tools such as ticketing systems, network monitoring solutions, email monitoring, and endpoint security tools.

Collaboration & Reporting:
Collaborate with SOC teams, IT teams, and management to provide detailed incident reports and security assessments.
Develop and maintain documentation, playbooks, and procedures to improve the efficiency of the SOC.
Provide mentorship and training to junior analysts (L1/L2).

Continuous Improvement:
Analyze and improve SOC processes, workflows, and detection methodologies to enhance overall efficiency and security posture.
Regularly update and review log sources, collection mechanisms, and detection rules to adapt to changing threat landscapes.
Perform other duties as assigned.

Required Skills & Qualifications:

Experience:
Minimum of 4 years of experience in a security operations environment with a focus on log analysis, incident response, and threat detection.
Strong knowledge of security concepts and technologies such as firewalls, IDS/IPS, antivirus, vulnerability scanners, encryption, and network protocols.
Experience working with SIEM tools such as LogRhythm etc.

Technical Skills:
Strong knowledge of networking protocols (TCP/IP, HTTP, DNS, etc.) and the ability to analyze traffic and logs.
Experience with log parsing, log correlation, and log analysis at an advanced level.
Familiarity with scripting languages (e.g., Python, PowerShell) for automating tasks and log analysis.
Strong understanding of security incident response lifecycle, including containment, eradication, and recovery.

Certifications (Preferred):
Certified Incident Handler (GCIH)
Certified SOC Analyst (CSA)
Certified Ethical Hacker (CEH)

Soft Skills:
Strong analytical and problem-solving abilities.
Ability to work under pressure in a high-stress, fast-paced environment.
Strong written and verbal communication skills for preparing reports and interacting with teams across the organization.
Excellent attention to detail and a proactive approach to identifying and addressing security issues.
Posted 2 months ago
12 - 14 years
30 - 45 Lacs
Bengaluru
Work from Office
Summary
The role requires providing expertise and leadership for Incident Response capabilities, including a good understanding of cyber incident forensics. It requires providing both subject matter expertise and project management experience to serve as the "point person" of client engagement in the domain. The candidate shall possess efficient incident response and remediation skills to minimise the impact of cyber risks. The individual will oversee and support the security monitoring operations team, assist them during security incidents, and ensure incidents are managed and responded to effectively, including reporting to stakeholders. This role primarily consists of leading a team of incident responders, incident managers and stakeholders (including client, vendors, etc.) and conducting thorough response activities on behalf of a wide variety of clients across sectors. The candidate is required to work in complex security environments and alongside the SOC team to design, communicate and execute incident response, containment and remediation plans. The candidate is required to have hands-on experience of incident management and investigation tools and shall be comfortable leading teams on challenging engagements, communicating with clients, providing hands-on assistance with incident response activities, and creating and presenting high-quality deliverables.

Designation / Role:
Role: Incident Response Leader
Level: AD

Responsibilities
Manage client engagements, with a focus on incident response and investigation.
Provide both subject matter expertise and project management experience to serve as the "point person" for client engagements.
Assist with client incident scoping call and participate in the incident from kick-off through full containment and remediation.
Security Analytics - Efficiently distill actionable information from large data sets for reporting, hunting, and anomaly detection.
Recommend and document specific countermeasures and mitigating controls with post incident analysis findings.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Conduct Digital Forensic and Incident Response (DFIR) analysis, network log and network PCAP analysis, malware triage, and other investigation related activities in support of Incident Response investigations.
Supervise Digital Forensics and Incident Response staff, and assist with performance reviews and mentorship of cybersecurity professionals.
Mature the Security Incident Response process to ensure it meets the needs of the Clients.
Interact with Client's CSIRT teams to cater to continuous and/or ad-hoc client requests for Incident Response services.
Possess the experience, credibility and integrity to perform as an expert witness.
Be involved in business development activities and support pre-sales teams to identify, market, and develop new business opportunities.
Assist with research and distribute cyber threat intelligence developed from Incident Response activities.
Research, develop and recommend infrastructure (hardware & software) needs for DFIR and evolve existing methodologies to enhance and improve our DFIR practice.

Skills required
10-14 years Information Security experience with at least 5 years of Incident Response experience.
Solid understanding of MITRE ATT&CK, NIST cyber incident response framework and Cyber kill chain.
Understanding of Threat Hunting and Threat Intelligence concepts and technologies.
Experience of leveraging technical security solutions such as SIEM, IDS/IPS, EDR, vulnerability management or assessment, malware analysis, or forensics tools for incident triage and analysis.
Deep experience with most common OS (Windows, MacOS, Linux, Android, iOS) and their file systems (ext3/4, NTFS, HFS+, APFS, exFAT etc).
Proficiency with industry-standard forensic toolsets (i.e. EnCase, Axiom/IEF, Cellebrite/UFED, Nuix and FTK).
Experience of enterprise level cloud infrastructure such as AWS, MS Azure, G Suite, O365 etc.
Experience of malware analysis and understanding attack techniques.
CISSP, ECIH v2, GCFA, GCIH, EnCE or equivalent DFIR certification.
Ability to work in time-sensitive and complex situations with ease and professionalism, possess an efficient and versatile communication style.
Good verbal and written communication skill, excellent interpersonal skills.

Abilities:
Strong English verbal, written communication, report writing and presentation skills.
Ability to multitask and prioritize work effectively.
Responsive to challenging tasking.
Highly motivated self-starter giving attention to detail.
Strong analytical skills and efficient problem solving.
Capable of operating in a challenging and fast-paced environment.
Posted 2 months ago
10 - 18 years
20 - 27 Lacs
Bengaluru
Work from Office
Job Purpose:
The Security Architect will be responsible for designing, implementing, and maintaining the overall security posture of the NBFC's IT infrastructure, applications, and data. This role involves developing and enforcing security policies, standards, and procedures to protect the organization from cyber threats, ensuring compliance with regulatory requirements, and safeguarding customer data. The Security Architect will work closely with IT, risk management, and business teams to align security strategies with business objectives.

Key Responsibilities:

Information Security Strategy
Develop and implement an organization-wide information security strategy and vision. Align information security initiatives with business goals and objectives. Stay abreast of emerging threats and technologies to adapt the security strategy accordingly.

Meeting and Board Presentation
Participate in senior management meetings. Present the security strategy and vision to the board. Present risk and mitigation plans to the risk committee.

Risk Management
Identify, assess, and prioritize information security risks. Develop and implement risk mitigation strategies. Establish risk management frameworks and policies.

Security Policies and Procedures
Develop, implement, and enforce information security policies and procedures. Ensure compliance with relevant laws, regulations, and industry standards. Promote security awareness and education throughout the organization.

Incident Response and Management
Develop and maintain an incident response plan. Lead and coordinate responses to security incidents. Conduct post-incident reviews and implement improvements.

Security Architecture
Design and implement a robust information security architecture. Evaluate and select security technologies and tools. Ensure the integration of security measures into the organization's IT infrastructure.

Security Awareness and Training
Develop and implement security awareness programs for employees. Provide training to staff on security policies and best practices.

Vendor and Third-Party Risk Management
Assess and manage the security risks associated with external vendors and third-party relationships. Ensure that third-party contracts include appropriate security requirements.

Compliance
Monitor and ensure compliance with relevant data protection and privacy laws. Coordinate with legal and compliance teams to address regulatory requirements. Ensure compliance with relevant regulatory requirements (e.g., RBI guidelines, DPDPA, Cert-In, etc.).

Security Audits and Assessments
Conduct regular security audits and assessments. Prepare and maintain documentation for audits and regulatory inspections. Ensure the effectiveness of security controls and measures.

Security Governance
Establish and chair a security governance committee. Report regularly to executive leadership and the board on the state of information security.

Budget and Resource Management
Develop and manage the information security budget. Allocate resources effectively to support security initiatives.

Collaboration and Communication
Collaborate with other senior executives to integrate security into overall business strategies. Communicate effectively with stakeholders about the importance of information security. Provide guidance and training to employees on security best practices and awareness.
Posted 3 months ago
4 - 9 years
6 - 11 Lacs
Hyderabad
Work from Office
What you'll be doing...
Verizon Cyber Security Team is looking for a Penetration Tester to join our Application Pen Test team. You'll be joining a group of talented, creative thinkers who "act like the enemy" to focus on ensuring that infrastructure and applications (web, mobile, and API) are secure by performing penetration testing from both inside and outside of Verizon. This team isn't a "copy and paste from a scan tool" reporting team, or a cookie cutter just scanning with tools team, or a team that just monitors and supports security scanning tools used by developers. This team is an enterprise-recognized and supported group of skilled, experienced and certified ethical hacking Verizon employees who are trusted to direct themselves with a lot of unknowns. The successful candidate will possess an effective aptitude in thinking like an adversary, security of Web applications, Infrastructure, APIs and Mobile Applications, mentoring and leading junior pen testers and effectively translating highly technical information to internal customers in a way that supports Cyber Security Team and broader Verizon goals.

The ability to lead and perform full scope penetration testing on complex web applications, Infrastructure, APIs and Mobile applications.
Configuring and safely utilizing attacker tools, tactics, and procedures for Verizon environments.
Developing comprehensive and accurate reports and presentations for both technical and executive audiences.
The ability to make collaborative decisions on the impact of an exposure to Verizon.
Acting as a SME and guide, advising on security vulnerability impact, ratings and remediation recommendations across the organization as needed.
Helping define the Pen Test strategy and standards to further enhance the company's security posture.
Effectively communicating findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
Working closely with stakeholders and developers providing risk-appropriate and pragmatic recommendations to correct found vulnerabilities.
Developing scripts, tools, or methodologies to enhance Verizon's pen testing processes and effectiveness.
Driving technical oversight and mentoring junior pen testers on pen test engagements, vulnerability impact and ratings and remediation recommendations.
Providing leadership and guidance to advance the offensive capabilities of the team and its subsequent ability to defend the Verizon Enterprise.

What we're looking for...

You'll need to have:
Bachelor's degree and four or more years of work experience.
Four or more years of relevant work experience.
Relevant pen testing or security experience.
Deep understanding of OWASP Top 10, OWASP API Top 10, MASVS.

Even better if you have one or more of the following:
Strong knowledge of tools used for API, infrastructure, web application, mobile, and network security testing, such as Kali Linux, Metasploit, Wireshark, Burp Suite, Cobalt Strike, Nessus, Web Inspect, SQLMap.
Knowledge of secure software deployment methodologies, tools, and practices.
Experience with application security risk procedures, security patterns, authentication technologies and security attack pathologies.
Certifications such as: GXPN, GPEN, eWPT, GCIH, GWAPT, OSCP, OSWA, OSCE, OSWE.
Service Delivery/Governance: ITILv2/3.
Solid understanding of common hosting environments such as containerization platforms (e.g., Docker and Kubernetes) and virtual machines running under hypervisors.
An implementation level familiarity with all common classes of modern exploitation.
Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell.
Programming skills preferred and encouraged, as well as the ability to read and assess applications written in multiple languages, such as Python, JAVA, .NET, C#, or others.
Experience with system and application security threats and vulnerabilities and secure configuration management techniques, software debugging principles, software design tools, methods, and techniques, software development models (e.g., Waterfall Model, Spiral Model).
Knowledge of secure coding techniques.
Some experience with software related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, and simplicity/minimization).
Knowledge of secure software deployment methodologies, tools, and practices.
Knowledge in discerning the protection needs (i.e., security controls) of information systems and networks.
Posted 3 months ago
4 - 9 years
6 - 11 Lacs
Chennai
Work from Office
What youll be doing... Youll be finding the right technology to help ensure our customers keep their systems secure and spot risks before they become real threats. But youll be doing more than just providing SOX and IT securityyoull help customers prepare for the unexpected, defend their systems, and protect their business, brand, and bottom line. Designing solutions to mitigate risk and close security gaps and reduce vulnerability. Managing SOX Audit. PM/Engineering effort for tracking Security vulnerabilities. Working closely with VCG Application Development, App Security teams and other Key stakeholders in strategizing SOX and Security Engineering Practices and mitigating the Security Vulnerabilities. Adhering to industry standards and best practices and understanding emerging technologies and trends to continuously improve the systems, application, infrastructure, and processes. Performing SOX QA Support for Controls to ensure minimal SOX findings by auditors. Conducting quarterly Lesson Learned with SOX POCs/Directors/Performers to prevent the same issues from happening quarter over quarter. Supporting SOX BOT automation enhancements and testing in partnership with Control Performers. Supporting SOX Ops - Maintain and enhance SOX SOP documents for effective QA reviews by team. Where you'll be working... In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. What were looking for... Application Security Skills: Secure Coding Practices: Deep understanding of secure coding principles and common vulnerabilities (OWASP Top 10, SANS 25) in various languages (e.g., Java, Python, .NET, JavaScript). SAST/DAST/IAST Expertise: Proficiency in using and interpreting results from Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and ideally Interactive Application Security Testing (IAST) tools. 
Open Source Software (OSS) Security: Knowledge of common OSS vulnerabilities, license compliance issues, and tools for managing OSS risks. Threat Modeling: Ability to perform threat modeling exercises to identify potential security weaknesses in application architectures and designs. Cloud Security (for Cloud-Native Apps): Familiarity with cloud security concepts, including secure configuration of cloud services (e.g., AWS, Azure, GCP), identity and access management (IAM), and cloud-native security tools. Logging and Monitoring: Experience with implementing and analyzing security logs, setting up security information and event management (SIEM) systems, and using intrusion detection/prevention systems (IDS/IPS). DevSecOps Practices: Understanding of integrating security into the software development lifecycle (SDLC) using DevSecOps methodologies and tools.

Platform Security Skills: Cloud Security: Strong knowledge of cloud security best practices, including securing cloud infrastructure (compute, storage, network), managing cloud access, and implementing security monitoring in cloud environments. Container Security: Expertise in securing containerized applications and their underlying infrastructure (e.g., Docker, Kubernetes), including image scanning, runtime security, and container orchestration security. Vulnerability Management: Proficiency in using vulnerability scanning tools (like Tenable) for both network and application layers, prioritizing vulnerabilities, and coordinating remediation efforts. Hardware Security: Understanding of hardware security concepts, including firmware security, hardware-based encryption, and physical security measures. Incident Response: Experience with incident response processes, including detection, containment, eradication, and recovery, as well as post-incident analysis.

SOX Auditing Exposure/Experience: We are seeking a highly motivated and detail-oriented SOX Audit person to join our growing team.
In this role, you will play a crucial part in ensuring the effectiveness of our internal control environment and compliance with the Sarbanes-Oxley Act (SOX). Plan, execute, and document SOX testing procedures for key financial and IT controls. Identify and assess the design and operating effectiveness of internal controls. Evaluate control deficiencies and recommend remediation strategies. Collaborate with process owners to remediate control deficiencies and enhance the control environment. Stay abreast of SOX compliance requirements and industry best practices. Assist with the development and maintenance of SOX documentation, including process narratives, flowcharts, and risk control matrices. Participate in special projects and other duties as assigned.

Additional Important Skills: Automation and Scripting: Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automating security tasks and integrating security tools. Communication and Collaboration: Excellent communication skills to effectively convey security findings to technical and non-technical audiences and collaborate with development and operations teams. Problem-Solving and Analytical Skills: Strong analytical and problem-solving abilities to investigate security issues, identify root causes, and develop effective solutions.

You'll need to have: Bachelor's degree or four or more years of work experience. Four or more years of relevant experience required, demonstrated through work experience and/or military experience. Worked as a consultant. Four or more years of relevant experience in Application Security Skills, Platform Security Skills & SOX Auditing Exposure/Experience.

Even better if you have one or more of the following: A degree in engineering or computer science. Experience with security risk procedures, security patterns, authentication technologies and security attack pathologies.
Certifications in one or more of the following: Security: CISSP, CISM, CEH, GCIH, GPEN, CCSK, Security+, Cisco, F5, BlueCoat, Check Point. Network: Cisco, Juniper, Palo Alto. Architecture: TOGAF. Service Delivery/Governance: ITILv2/3.
Posted 3 months ago