Job Role: Cloud Security Consultant
The Cloud Security Consultant shall report to the VP, Security & Privileged Monitoring and will be responsible for managing the operation and improvements in the Cloud SIEM tool, analyzing and reporting the gaps and liaising with the IT team for closing the gaps.
The Cloud Security Consultant will be responsible for reviewing incidents where established process flows are breached and preparing response plans for such incidents.
Day-to-day operations of the in-place security systems, including, but not limited to: endpoint security, SIEM, vulnerability scanners, web application scanners, web proxies, e-mail filtering, threat and anomaly detection tools.
Perform initial analysis to determine security events and alerts requiring immediate response and escalation. Investigate, recommend and implement innovative technologies or other methods that will enhance the security of the Azure / AWS environment.
Investigate security violations and anomalies, collect incident responses, and carry out forensic investigations, where required.
Assist with platform tuning, process automation and configuration management and implement security monitoring to ensure optimal and secure running.
Perform regular analysis of network security needs and contribute to design and integration of required hardware, software.
Liaise effectively with technology and development teams to ensure projects / initiatives are secure on delivery.
Initiates automation as necessary to effectively manage system logs and security alarm reporting.
Map Tactics, Techniques and Procedures (TTPs) to MITRE ATT&CK framework.
Provide written summaries of security event indicators, recommend remediation activities, and other relevant information to business units.
Prepare custom reports for a mixed technical and non-technical audience.
Hands-on experience of security operations (monitoring, scanning, incident response and remediation).
Advanced knowledge of Information Systems security architecture, security monitoring, incident response, procedures, and best practices.
Experience with intrusion detection / prevention systems, firewalls, perimeter security, log management, DLP and encryption, vulnerability scan technologies.
Strong understanding of systems and networking infrastructure.
Scripting experience (e.g. Python).
Experience with cloud provider ecosystems and security concepts.
Experience working within AWS and / or Azure cloud environment.
Experience with cloud SIEM like Azure Sentinel / AWS CloudTrail etc.
Knowledge of IT Control requirements (e.g. PCI DSS, ISO 27001).
Security experience in a regulatory environment is desirable.
Cloud provider ecosystems and security concepts: 4 years (Preferred)
Vulnerability scan technologies: 4 years (Preferred)
Cloud SIEM like Azure Sentinel / AWS CloudTrail: 5 years (Preferred)
Banking SIEM: 4 years (Preferred)