Infrastructure Security Engineer

As an Infrastructure Security Engineer, you will be responsible for ensuring the security of our infrastructure and protecting against cyber threats. Your expertise in cloud security, vulnerability management, and endpoint protection will be crucial in maintaining a secure environment. Key Responsibilities: - Designing and managing IAM, security groups, NACLs, and VPCs in AWS - Configuring AWS security services such as CloudTrail, GuardDuty, and Security Hub - Applying Infrastructure as Code (IaC) security best practices using tools like Terraform, CloudFormation, and CDK - Regularly assessing the cloud security posture and recommending improvements - Ensuring compliance with frameworks like SOC 2, ISO 27001, and other industry standards - Conducting enterprise-wide vulnerability scanning using tools like Nessus, Qualys, and Rapid7 - Defining and enforcing patch management policies, SLAs, and reporting - Coordinating remediation efforts with relevant teams - Providing executive-level vulnerability reports Endpoint Security: - Deploying and managing EDR tools such as CrowdStrike or similar solutions - Tuning endpoint security controls including antivirus, encryption, and application control - Investigating malware incidents and performing endpoint forensics - Implementing BYOD and Mobile Device Management (MDM) policies Qualifications Required: - Bachelor's degree in Computer Science, IT Security, or a related field - Minimum of 5 years of experience in information security - Hands-on experience with AWS cloud security for at least 3 years Technical Skills: - Proficiency in AWS services like IAM, VPC, GuardDuty, and CloudTrail - Experience with vulnerability management tools like Nessus, Qualys, and CVSS scoring - Knowledge of patching tools such as WSUS, Red Hat Satellite, and AWS Systems Manager - Familiarity with EDR/XDR solutions like CrowdStrike, SentinelOne, etc. - Strong understanding of Windows & Linux hardening, SIEM/SOAR, and log analysis Certifications (preferred but not mandatory): - AWS Certified Security Specialty - CISSP / GCIH / CEH Key Competencies: - Strong analytical and problem-solving skills - Project management and cross-functional collaboration abilities - Solid grasp of compliance standards such as SOC2, PCI-DSS, and GDPR - Ability to effectively communicate technical concepts to non-technical stakeholders,