Infrastructure Vulnerability Consultant - (Cloud Security CSPM)

About the job

Scope

• Core responsibilities include assessing and promoting remediation for all the assets in the Infrastructure as a Service (IaaS) and Software as a Service (Saas).
• The candidate will be a key member of the centralized information security team.
• 
  

What You'll Do

• Perform vulnerability scans and report findings for On-prem and Cloud networks.
• Proficiency in automation or scripting.
• Publish the vulnerability status reports to senior management and track remediation.
• Define and participate in the implementation of On-prem and Cloud architecture and security controls.
• Proactive identification of threats and risk remediation.
• Discover the assets in the cloud infrastructure to identify and continuously monitor for security vulnerabilities and misconfigurations.
• Discover and continuously monitor for vulnerabilities in cloud workloads including dockers, Kubernetes, and containers.
• Create golden images for virtual machines, dockers and containers to be spun up for the business.
• Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
• Upgrade security systems by monitoring the security environment; identifying security gaps; and evaluating and implementing enhancements.
• Participate in and assist with the incident response team, as appropriate.
• Generate metrics for the Management as needed.
• Prepare system security reports by collecting, analyzing, and summarizing data and trends.
• 
  

What We Are Looking For

• 6+ years of proven experience in Information security or Vulnerability Management and at least 3-5 years of experience in Cloud security; a Master's degree can be substituted for experience.
• Proven experience in automation or scripting.
• Extensive experience in public cloud infrastructure such as Microsoft, Google, or AWS.
• Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials.
• Bachelor's degree in information security or Information Technology or Computer Science or related fields or from STEM
• Deep and diverse experience architecting and implementing network security designs. Expert in network security, system security and endpoint security.
• Through understanding security vulnerabilities and misconfigurations in the cloud infrastructure.
• Thorough understanding of native cloud solutions like dockers, containers, Kubernetes, VDIs, cloud storage, cloud infrastructure, etc.
• Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
• Proven experience in cloud security posture management tools like Microsoft Defender, Wiz, Tenable, Aqua Security, Prisma Cloud, Lacework, Scribe Security, etc.
• Proven experience with products dealing with vulnerability management services which include Retina, Qualys, Nessus, Nexpose, etc.
• Practical experience with the development, implementation, and management of security-related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).
• Excellent customer service including strong written and oral communication skills.
• Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
• Demonstrated understanding of information security concepts, standards, and practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
• Certifications such as CCSK, CCSP, GCSA, Microsoft Certified Azure Security Engineer Associate, CISSP or equivalent.
• Results-focused and attention to detail.