infosecops engineer

Overview

Who you'll be working for

What requirements you'll need to be eligible

• 2-4+ years in a combined role of Security Operations and Information Security, with hands-on experience in cloud security.
• Proficiency in SIEM tools (e.g., Splunk, QRadar), EDR solutions, firewalls, IDS/IPS, and vulnerability scanners.
• Cloud Security Experience (Good to have): Hands-on experience with cloud platforms (e.g., AWS, Azure, Google Cloud), including IAM, network security, and cloud-native security tools.
• In-depth understanding of security frameworks (e.g., NIST, ISO 27001) and incident response methodologies and server/cloud networking.

What you'll be doing on the job

• Utilize SIEM, IDS/IPS, and EDR tools to monitor and detect potential security threats and incidents in real-time.
• Lead the response to security incidents, including investigation, containment, remediation, and post-incident analysis. Conduct proactive threat hunting to identify and mitigate risks before they escalate.
• Perform regular vulnerability scans, assess risks, and work with IT teams to apply patches and mitigate identified vulnerabilities.
• Conduct comprehensive risk assessments, identify potential threats, and implement measures to mitigate identified risks.
• Develop, implement, and maintain security policies, standards, and procedures. Ensure compliance with industry standards and regulatory requirements (e.g., GDPR, HIPAA, NIST, ISO 27001).
• Manage and fine-tune security tools, including firewalls, SIEM systems, and endpoint protection platforms. Ensure tools are optimized for threat detection and response.
• Implement and monitor security best practices for cloud environments (AWS, Azure, Google Cloud), including IAM, encryption, network security, and cloud-native security tools (e.g., AWS GuardDuty, AWS WAF and Shield, Azure Security Center).
• Analyze logs from various sources (network devices, servers, applications) to identify anomalies and automate routine tasks using scripting languages (e.g., Python, Bash).
• Design and deliver training programs to educate employees on security best practices and promote a security-first culture within the organization.

Consultant Contact