Duties & Responsibilities:

· Investigate and advise on latest security related risk, threats and vulnerabilities, security incident management, external security reviews and penetration tests to ensure infrastructure security posture is strong.

· Collaborate on Information Security policies, standards, and baselines and contribute efforts to measure compliance.

· Monitor, assess, and perform network penetration tests, vulnerability assessment scans, and risk assessment reviews to ensure that IT assets are properly protected.

· Define and report key security metrics to drive remediation trends.

· Report on findings and advise stakeholders in remediation activities as required.

· Document all processes and procedures in accordance with Reporting Standards.

· Collaborate with the IT Operations, architecture, and project teams to engineer and implement security controls based upon policies, standards, and best practices.

· Facilitate and coordinate vulnerability assessment, reviews of assessment results, patching, and advice or conduct remediation activities related to BU OS, Middleware, Unix/Linux Servers, Storage, Databases, Appliances, Web Applications and Network Devices, malware tools, IDS/IPS, encryption, and other IT infrastructure technologies.

· Collaborate on and provide results and metrics for consistent reporting for governance purposes; collaborate and coordinate remediation plans and activities.

· Research and develop testing tools, techniques, and process improvements.

· Adequately explains, presents, demonstrates, and documents the operational impact of a particular security loopholes or vulnerabilities.

· Analyze vulnerability results and recommend corrective action and hardening.

· Manage and configure NGFW, WAF and NSG.

· Implement DLP solution to enhance data security.

· Provide mentorship and guidance and share knowledge with other members of the team

· Where required, provide recommendations, explanations, guidance on their functional area to other teams in the organization.

· Understand the Scope of Work for the engagement

· Proactively identify security risks and provide security requirements and controls to mitigate these risks

· Perform the duties and tasks required in a secure, organized, professional manner

Education, Training, Experience, Skills & Abilities:

· Bachelor’s Degree in Science, Engineering, or equivalent

· CISSP, GSEC, or other relevant certifications

· 5+ years progressive experience in IT security

· Demonstrated experience defining, maintaining, and enforcing security best practices

· Working knowledge of industry-recognized tools including the following:

Middleware, Servers (Linux/Windows), Storage, Databases, Appliances, Web Applications, Network Security Devices, Cisco ACI, Nutanix, Azure Cloud Platform, CyberArk, Intune, Microsoft Endpoint Management, SDWAN, Palo Alto, Fortinet, Cisco ASA and Juniper firewalls.

· Have a broad understanding of the current cyber security landscape, with a background in networks and server/system management, a strong Cloud Security (Azure, OCI and Nutanix) background and an in-depth understanding in-depth in Zero Trust and SASE security models

· Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Web Content Filtering, Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions, VMs and common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)

· Working knowledge of Information Security best practices, policies, standards, and baselines, including industry standards and guidelines from ISO 27001/27002, NIST, CIS, and OWASP

· Strong experience in database security.

· Experience in system hardening for Networking Devices, Windows, and Linux.

· Creative problem solver who enjoys collaboration

· Demonstrates an ability to methodically analyze complex technical problems, identify solutions, and communicate to a non-technical audience

· Exhibits good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations

· Adequately explains, presents, demonstrates [when applicable] and documents the operational impact of a particular security loopholes or vulnerabilities

· Self-motivated and able to work both independently

· Strong Team player

Job Types: Full-time, Permanent

Salary: $90,000.00-$110,000.00 per year

Schedule:

• 8 hour shift
• Monday to Friday

Application question(s):

• Have you been involved in any design or implementation work in any area of network security?

Experience:

• Penetration testing: 6 years (preferred)
• Vulnerability Assessment scans: 6 years (preferred)
• Azure Cloud Security: 6 years (preferred)

Licence/Certification:

• CISSP (preferred)
• GSEC (preferred)

Please Note :
nvalabs.org is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, nvalabs.org provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.