65 Security Policies Jobs - Page 3

Description We are seeking a skilled SAP Security Consultant with 5-7 years of experience to join our dynamic team. The ideal candidate will be responsible for ensuring the security and integrity of our SAP systems by designing and implementing security measures, conducting audits, and collaborating with cross-functional teams to meet security requirements. The consultant will play a key role in safeguarding our data and ensuring compliance with industry standards. Responsibilities Design and implement SAP security roles and authorizations to ensure compliance with security policies. Conduct security audits and risk assessments to identify vulnerabilities and implement corrective actions. Collaborate with cross-functional teams to define security requirements for SAP applications and systems. Monitor user access and perform periodic reviews to ensure adherence to security protocols. Provide support for SAP security incidents, including investigation and resolution of security breaches. Stay updated with the latest SAP security best practices and regulatory requirements. Skills and Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field. 5-7 years of experience in SAP security and authorization management. Strong knowledge of SAP modules (e.g., SAP ERP, SAP S/4HANA) and their security requirements. Proficiency in SAP GRC (Governance, Risk, and Compliance) solutions. Experience in designing and implementing role-based access control (RBAC) in SAP. Familiarity with SAP security tools such as SU01, PFCG, and ST01. Knowledge of industry standards and regulations related to information security (e.g., ISO 27001, GDPR). Excellent problem-solving skills and attention to detail. Strong communication and interpersonal skills to work effectively in a team environment.

Role & responsibilities • Design, implement, and manage security solutions for cloud infrastructure, primarily on Google Cloud Platform (GCP), with additional responsibilities for Azure and AWS environments. • Develop and enforce security policies, procedures, and standards to ensure compliance with industry best practices and regulatory requirements. • Conduct security assessments, vulnerability scans, and penetration testing to identify and mitigate risks. • Monitor and respond to security incidents, providing timely and effective resolution. • Collaborate with cross-functional teams to integrate security into the development and deployment processes. • Stay up to date with the latest security trends, threats, and technologies to continuously improve our security posture. • Provide guidance and training to internal teams on cloud security best practices. • Implement and manage identity and access management (IAM) policies and procedures to ensure secure access to cloud resources. • Automate security processes and workflows using tools such as Terraform, Ansible, or similar. • Develop and maintain security documentation, including architecture diagrams, incident response plans, and standard operating procedures. • Perform regular audits and compliance checks to ensure adherence to security policies and regulatory requirements. • Collaborate with third-party vendors and service providers to evaluate and integrate security solutions. • Participate in security incident response drills and tabletop exercises to enhance preparedness and response capabilities. • Analyze and report on security metrics to measure the effectiveness of security controls and identify areas for improvement. Required Experience & skills Bachelors degree in computer science, Information Technology, or a related field. Proven experience as a Cloud Security Engineer or similar role, with a strong focus on Google Cloud Platform (GCP). Working knowledge of Azure and AWS cloud platforms. In-depth understanding of cloud security principles, practices, and technologies. Experience with security tools and technologies such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Relevant certifications such as Google Professional Cloud Security Engineer, AWS Certified Security Specialty, or Microsoft Certified: Azure Security Engineer Associate are a plus.

Notice Period : Immediate joiners only Profile Type : Stable & long-term Job Description We are looking for an experienced Entra ID Specialist with deep expertise in identity and access management technologies, SSO integrations, and Entra ID configurations. The ideal candidate will have a hands-on background in federation protocols, security policies, and automation. Mandatory Skills : Strong hands-on experience with Microsoft Entra ID including: User provisioning Enterprise app integration SSO, MFA, Conditional Access B2B and B2C configurations Expertise in SSO protocols : SAML, OpenID/OAuth, WS-Fed Experience with SCIM provisioning and JIT configuration via SAML Hands-on with Cross-Tenant Sync and External Identity Management Familiarity with IAM & IGA concepts Scripting and automation using PowerShell , Shell , Java , or Python Roles & Responsibilities : Integrate enterprise applications with Microsoft Entra ID Manage user access to SaaS applications using SAML, WS-FED, OIDC/OAuth Implement Multi-Factor Authentication (MFA) using Microsoft Authenticator Configure passwordless authentication and Temporary Access Pass (TAP) Support Self-Service Password Reset (SSPR) and password protection policies Troubleshoot Sign-in logs , Audit logs , and Conditional Access policies Define and maintain secure access controls based on device, location, and identity Educational Qualification : B.E / B.Tech in Computer Science or related discipline

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description 8 yrs of IT experience with BE Computer Science degree from a reputed institute 4+ yrs in MuleSoft API development and deployment. Good knowledge of Error Handling, API design for Use Cases, Data Weave, Aggregation, Map Object, Pluck Function, Security, Policies, API-LED Architecture, Integration Design Patterns, API Life Cycle, Encryption/Decryption, micro services, REST APIs, Graph QL, Salesforce Connector (operations, limits, etc) Good Experience of CI/CD pipelines, deploys and versioning Good understanding of high level system architecture with focus on efficiency & scalability (following best practices and maintaining scalability) Knowledge of security best practices: encryption/decryption, all auth types Event-driven Architecture knowledge - focus on performance tuning like: Kafka(Kafka client libraries, serialization/deserialization mechanisms, large scale data mechanisms) message queues Monitoring & logging systems troubleshooting/debugging skills Other Important skills to have Knowledge of data types Database knowledge Code quality mindset: unit tests, following coding standards, best practices, design documentation (data flows diagrams, systems design diagrams), code review Good communication and a team player Deliver No. Performance Parameter Measure 1. Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led 2. Delivery Responsibility in Projects/Programs and Accounts (a) Solution acceptance of Integration architecture (from client and/or internal Wipro architecture leadership), and (b) effective implementation of integration-approach/solution component by way of sufficient integration-design, methods guidelines and tech-know how of team 3. Delivery support CSAT, delivery as per cost, quality and timelines, Identify and develop reusable components, Recommend tools for reuse, automation for improved productivity and reduced cycle times 4. Capability development % trainings and certifications completed, increase in ACE certifications, thought leadership content developed (white papers, Wipro PoVs) Mandatory Skills: MuleSoft Development . Experience: 8-10 Years . Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About the job Responsible for reviewing, maintaining, and updating security policies, procedures, and standards/baselines. Support all accreditation programs such as ISO27001, ISAE 3402 Type II, SOC2 Type 2, PCI-DSS and others as may be needed. Work with different stakeholders including external auditors, business leaders, DPO, Legal, HR, and CIO teams to understand all critical security requirements. Drive security compliance monitoring. Risk assessment for information security and cyber risks Adoption of global frameworks such as NIST Cyber Security and CIS etc. Work with internal Marketing team and external vendors for developing security awareness program. Support Business Continuity program including BC Plans, Crisis Management etc. Perform internal security audits. Manage certifications such as ISO 27001, SOC etc. Perform security audits on application and IT infrastructure including but not limited to network, operating systems (Windows and Linux), databases, access control, Firewalls, IDS/IPS, Web Application Firewalls, Proxies, Cloud infrastructure (Azure and Amazon), Web servers, data center, Email infrastructure, VPN infrastructure, routers, backups, Disaster Recovery, Endpoint Security. Perform security audits to ensure that controls related to these processes are adequate to mitigate risks. Perimeter/Internal Security Technologies (Firewalls, IDS/IPS, Proxy, WAF etc.) Data Loss Prevention technologies and support processes Network Segmentation and Separation Solutions Identity and Access Management, Privileged Access and Authentication Solutions Platform and Configuration Hardening IT incident and problem management Threat Intelligence and Insider Threat Detection Vulnerability assessment, Penetration Testing, and its mitigation Security Incident and Event Management (SIEM) Technologies Cyber Incident and response Change Management Role Based Access Controls Business continuity and Disaster Recovery Vendor security assessments Minimum Qualification & Background: 5-10 years of relevant experience Graduate with one or more professional certifications: ISO27001 LA, CISA, CRISC, CISSP and CISM Must have experienced a complete ISO27001 journey for a few years at a minimum. Knowledge and understanding of ISO27001, ISO27002, ISO27017, ISO27018, PCI DSS, NIST cyber security standards and CIS benchmarks. Must have performed audits of the cloud infrastructure. Knowledge and understanding of security related technologies and cloud security. Excellent written and verbal communication skills; Documentation and presentation skills

Job Responsibilities Responsible for reviewing maintaining, and updating security policies, procedures, and standards/baselines. Support all accreditation programs such as ISO27001, ISAE 3402 Type II, SOC2 Type 2, PCI-DSS and others as may be needed. Work with different stakeholders including external auditors, business leaders, DPO, Legal, HR, and CIO teams to understand all critical security requirements. Drive security compliance monitoring. Risk assessment for information security and cyber risks Adoption of global frameworks such as NIST Cyber Security and CIS etc. Support Business Continuity program including BC Plans, Crisis Management etc. Perform internal security audits. Manage certifications such as ISO 27001, SOC etc. Perform security audits on application and IT infrastructure including but not limited to network, operating systems (Windows and Linux), databases, access control, Firewalls, IDS/IPS, Web Application Firewalls, Proxies, Cloud infrastructure (Azure and Amazon), Web servers, data center, Email infrastructure, VPN infrastructure, routers, backups, Disaster Recovery, Endpoint Security. Third-party risk Assessment Minimum Qualification & Background: 3-6 years of relevant experience Under Graduate with one or more of professional certifications: ISO27001 LA, CISA, CISSP, etc. Must have implemented ISO27001 standard at least once. Knowledge and understating of ISO27001, ISO27002, ISO27017, ISO27018, PCI DSS, NIST cyber security standards and CIS benchmarks. Must have performed audits of the cloud infrastructure. Knowledge and understanding of security related technologies and cloud security. Excellent written and verbal communication skills; Documentation and presentation skills

Key Responsibilities: Application Packaging: Package applications for deployment through Microsoft Intune Create and maintain Win32 app packages, MSI installations, and app bundles Develop and implement PowerShell scripts for application customization and configuration Testing and Quality Assurance: Conduct thorough testing of packaged applications in various environments Troubleshoot and resolve packaging and deployment issues Ensure compliance with organizational security policies and industry standards Deployment and Management: Configure and manage application deployment through Intune Set up and maintain application assignment policies Monitor application installation status and user adoption Documentation and Process Improvement: Create and maintain comprehensive documentation for packaging processes and deployed applications Develop and refine standard operating procedures for application packaging and deployment Stay updated with the latest Intune features and best practices, implementing improvements as needed

Your day at NTT DATA The Managed Services Cross Technology Engineer (L3) is a seasoned engineering role, responsible for providing a service to clients by proactively identifying and resolving technical incidents and problems. Through pre-emptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance this role will maintain a high level of service to clients. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions. The Managed Services Cross Technology Engineer (L3) is responsible for managing tickets of high complexity, conducts advanced and complicated tasks, and provides resolution to a diverse range of complex problems. This position uses considerable judgment and independent analysis within defined policies and practices and applies analytical thinking and deep technical expertise in achieving client outcomes, while coaching and mentoring junior team members across functions. The Managed Services Cross Technology Engineer (L3) focusses across two or more technology domains such as (but not limited to) Cloud, Security, Networking, Applications and / or Collaboration and may also contribute to / support on project work as and when required. What youll be doing Key Responsibilities: Good in-depth troubleshooting skills of complex problems Develop and implement backup and restore policies Good monitoring and remediation skills Automation through scripting skills Collaborate with client Manage a small team of engineers Good documentation skills Server hardware maintenance and upgrades Skills to interpret logs and arrive at the RCA of the problem Experience with Linux servers in virtualized environments Implement security policies and ensure compliance Perform regular security audits and VA assessments/remediation Preferred automation skill using scripting Manage access controls and authentication mechanisms in collaboration with client Academic Qualifications Any Graduate

We are Hiring Senior Consultant Cyber Security Solution Architect Location: Bangalore, Hyderabad Experience: 14+ years Are you passionate about designing secure, scalable cloud and enterprise security architectures? Join us as a Cyber Security Solution Architect and be at the forefront of helping clients secure their digital ecosystems. What You’ll Do: Design and deliver end-to-end cybersecurity solutions for enterprise clients Collaborate with infra/application architects to embed security in architecture Lead cloud security (Azure/AWS/GCP), DDoS, SIEM, WAF, and container security design Define KPIs and lead security assessments & compliance initiatives (ISO 27001, NIST) Build client-facing proposals and conduct solution defense with stakeholders What We’re Looking For: 14+ years of overall experience, with 5+ years in complex security engineering projects Strong hands-on with tools: Azure Security Center, GuardDuty, Palo Alto, Qualys, etc. Exposure to CASB, Zero Trust, IAM, and multi-cloud security Excellent communication, client interaction, and solutioning skills Preferred Certifications: CISSP | CISM | CEH | CCSP | TOGAF | AWS/Azure/GCP Security Ready to shape the future of enterprise security? Apply now / email at mary.nancy1@sonata-software.com

SEP client installation and upgradation Symantec Endpoint Protection Manager Monitor security logs, alerts, and network traffic Resolve user related to AV security standards and regulations anti-malware software

Establishing and implementing SAP security best practices. Designing and implementing security roles/controls for Solution Manager 7.x+. Security compliance and audit readiness. User creation, Deletion, Maintenance, and Reports. Role Creation change and assignment. GRC Administrator. Duties and responsibilities: Developing UI5 user interface in SAP IDM 8.0. Create and implement automated IDM processes to manage user processes based on organizational data. Integrate IDM 8.0 with existing GRC 10.1 implementation. Working technically complex SAP Security issues and configurations. Providing security direction to business units and developers. Supporting and performing SAP security support for upgrades, testing cycles, and new system go-live. Performing daily monitoring and oversight to ensure security compliance and audit readiness. Establishing and implementing SAP security best practices. Perform SAP user administration and role development tasks. Integration and support using the SAP GRC 10.1 platform. Strong understanding of Sarbanes-Oxley (SOX) Compliance- Strategy management related to SAP business processes and Segregation of Duties (SOD). Configuration of NetWeaver Identity Management (IDM) with Novell eDirectory or LDAP with SSO capabilities. GRC for provisioning and de-provisioning to SAP systems. Demonstrable work experience in supporting audits facing off with both internal and external auditors to ensure that Security areas in all in-scope SAP systems are audit compliant. Designing and implementing security roles/controls for Solution Manager 7.x+. In-depth understanding of the Application Life cycle Management in HANA. Setting up security for Fiori Apps, BW, BI, application security, Preparing a document. Experience in IDM (identity management) SOD (segregation of duties) is a must.

India is among the top ten priority markets for General Mills, and hosts our Global Shared Services Centre. This is the Global Shared Services arm of General Mills Inc., which supports its operations worldwide. With over 1,300 employees in Mumbai, the center has capabilities in the areas of Supply Chain, Finance, HR, Digital and Technology, Sales Capabilities, Consumer Insights, ITQ (R&D & Quality), and Enterprise Business Services. Learning and capacity-building is a key ingredient of our success. Position Title D&T Analyst II - Cyber Security, Insider Threat & Awareness Function/Group Digital & Technology Location Powai, Mumbai Shift Timing 11 am - 8 pm Role Reports to D&T Manager - Cyber Security, Insider Threat & Awareness Remote/Hybrid/in-Office Hybrid ABOUT GENERAL MILLS We make foodthe world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Hagen-Dazs, we've been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell. How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of ou r global organization delivering business value, service excellence and growth, while standing for good for our planet and people. With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC) , Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI) , Global Shared Services (GSS) , Finance Shared Services (FSS) and Human Resources Shared Services (HRSS). For more details check out We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow. JOB OVERVIEW Function Overview The Digital and Technology team at General Mills stands as the largest and foremost unit, dedicated to exploring the latest trends and innovations in technology while leading the adoption of cutting-edge technologies across the organization. Collaborating closely with global business teams, the focus is on understanding business models and identifying opportunities to leverage technology for increased efficiency and disruption. The team's expertise spans a wide range of areas, including AI/ML, Data Science, IoT, NLP, Cloud, Infrastructure, RPA and Automation, Digital Transformation, Cyber Security, Blockchain, SAP S4 HANA and Enterprise Architecture. The MillsWorks initiative embodies an agile@scale delivery model, where business and technology teams operate cohesively in pods with a unified mission to deliver value for the company. Employees working on significant technology projects are recognized as Digital Transformation change agents. The team places a strong emphasis on service partnerships and employee engagement with a commitment to advancing equity and supporting communities. In fostering an inclusive culture, the team values individuals passionate about learning and growing with technology, exemplified by the Work with Heart philosophy, emphasizing results over facetime. Those intrigued by the prospect of contributing to the digital transformation journey of a Fortune 500 company are encouraged to explore more details about the function through the following Purpose of the role The Security Awareness and Insider Threat Analyst is responsible for developing, implementing, and managing security awareness programs to educate employees on security best practices and protect, detect and respond to risks posed by insider threats. This role combines expertise in threat detection and prevention with a strong focus on cultivating a security-conscious culture within the organization. The analyst will monitor and analyze insider threat activities, respond to incidents, and collaborate with various departments to enhance the organization's overall security posture. KEY ACCOUNTABILITIES . Monitor and analyze user activities for signs of potential insider threats. . Develop and maintain threat detection tools, techniques, and procedures. . Utilize threat intelligence platforms to gather, analyze, and disseminate relevant information. . Perform advanced analysis of insider threat and DLP alerts across various egress channels in on-premise and cloud environments, prioritizing threats using available tools. . Investigate and document event/alert patterns, collaborating with Cyber Defence, Legal, Privacy, and HR teams during incidents as necessary. . Create detailed reports on security incidents, investigations, and mitigation efforts. . Contribute to refining detection tool policies, rules, and operational documents by highlighting areas for improvement. . Lead the simulated phishing program, including metrics and executive summaries. . Coordinate with internal and external partners to develop and update quality training content. . Develop and distribute enterprise-wide communications on information security risks and guidance. . Create marketing materials and content for global Security Awareness even ts, including in-person site events as needed. . Ensure the security awareness program effectively communicates security policies, fostering a global security culture. MINIMUM QUALIFICATIONS Education - Full time graduation from an accredited university (Mandatory- Note: This is the minimum education criteria which cannot be altered) Minimum 4 years of experience in SOC, Incident Response, Insider Threat or Security Awareness. PREFERRED QUALIFICATIONS Excellent written, verbal communication and presentation skills. Ability to create engaging and effective training materials. Strong organizational and project management skills. Ability to work effectively in a team environment and collaborate with various stakeholders. Certifications: The following certificates are preferred but not mandatory, CompTIA Security+ CompTIA Cybersecurity Analyst (CySA+) EC-Council Computer Hacking Forensics Investigator (CHFI) EC-Council Certified Incident Handler (ECIH) SANS GIAC Security Essentials (GSEC) Microsoft Certified: Azure Fundamentals (AZ900) Microsoft Certified: Information Protection and Compliance Administrator Associate (SC400)

Lead and manage a team of SOC analysts, including training, development, and performance evaluation Develop, implement, and maintain security policies and procedures for the SOC Oversee the daily operations of the SOC, including security monitoring, incident response, and threat analysis Manage and optimize SOC tools and technologies (SIEM, IDS/IPS, etc.) Lead incident response efforts, including investigation, containment, eradication, and recovery Interact with the client to understand their infrastructure and implement appropriate technologies to ensure receipt of the log data and then monitor / alert the client for any issue

Key Skills: - Financial Management: Understanding of Workday Financials fundamentals, financial accounting setup, and organizational structures - Reporting: Knowledge of Workday reporting, including standard reports, Express reports, and report writing - Transaction Management: Ability to employ transactions in Workday and manage financial processes - Security and Compliance: Understanding of security policies and business processes - Analytical and Problem-Solving Skills: Ability to analyze financial data, identify issues, and optimize financial operations Job Roles: - Finance Professionals: Enhance skills in Workday Financials to advance careers in finance - Accountants: Manage and optimize financial processes using Workday Finance - Business Analysts: Streamline financial operations and improve efficiency - Workday Consultants: Specialize in financial management and implementation requirement

Job Role: IT Infrastructure Security Engineer . Location: Bangalore. Notice Period: Immediate to 30 days. Responsible for designing, implementing, and maintaining security measures to protect an organizations IT infrastructure. This role involves securing networks, servers, cloud environments, and other critical IT systems against cyber threats. The engineer works closely with IT, security, and compliance teams to ensure a robust security posture and adherence to industry standards. Key Responsibilities Infrastructure Security & Compliance Design and implement security controls to protect IT infrastructure, including servers, networks, databases, and cloud environments. Conduct security assessments, vulnerability scans, and penetration tests to identify weaknesses and recommend mitigation strategies. Ensure compliance with industry standards such as ISO 27001, NIST, CIS, GDPR, HIPAA, PCI-DSS, and SOC 2 . Develop and enforce security policies, procedures, and best practices for IT infrastructure. Monitor system logs, network traffic, and security alerts to detect and respond to threats in real-time. Network & Cloud Security Secure on-premises and cloud environments (AWS, Azure, Google Cloud) using security best practices. Implement firewalls, IDS/IPS, VPNs, and Zero Trust architectures to safeguard enterprise networks. Configure and manage endpoint security solutions, SIEM, EDR, XDR , and other security tools. Implement identity and access management (IAM) solutions, including privileged access management (PAM). Incident Response & Threat Management Investigate and respond to security incidents, breaches, and anomalies in coordination with SOC teams. Develop incident response plans (IRP) and lead forensic analysis for security events. Work closely with security operations teams to automate threat detection and response processes. Security Automation & Infrastructure Hardening Use Infrastructure as Code (IaC) to automate security configurations (e.g., Terraform, Ansible). Implement patch management, vulnerability management, and endpoint security policies . Secure containers and Kubernetes environments in DevOps pipelines. Harden operating systems (Windows, Linux) and cloud environments against cyber threats. Collaboration & Continuous Improvement Provide security training and awareness to IT teams. Collaborate with DevOps, IT, and compliance teams to integrate security in CI/CD pipelines. Stay up to date with emerging cyber threats and recommend new security technologies. Qualifications & Skills Technical Skills Strong knowledge of network security, cloud security, and endpoint security . Experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and encryption . Hands-on experience with AWS Security, Azure Security Center, Google Cloud Security, and IAM solutions . Familiarity with scripting and automation (Python, Bash, PowerShell). Expertise in Active Directory (AD), Zero Trust security, and PKI . Knowledge of compliance frameworks like ISO 27001, NIST, CIS, GDPR, PCI-DSS . Soft Skills Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Ability to work under pressure and manage multiple security tasks. Detail-oriented with a proactive security mindset. Certifications (Preferred but Not Mandatory) CEH (Certified Ethical Hacker) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Certifications CISSP (Certified Information Systems Security Professional) Work Environment & Tools Security tools: Wazuh SIEM, Splunk, Palo Alto, Fortinet, CrowdStrike, SentinelOne, Qualys, Tenable, Nessus Cloud platforms: AWS, Azure, Google Cloud . Operating systems: Windows, Linux, macOS . Automation: Python, Terraform, Ansible, PowerShell.