Job Role: Cloud Security Consultant
- The Cloud Security Consultant shall report to the VP, Security & Privileged Monitoring, and will be responsible for managing the operation and improvement of the Cloud SIEM tool, analyzing and reporting gaps, and liaising with the IT team to close those gaps.
- The Cloud Security Consultant will be responsible for reviewing incidents in which established process flows are breached and for preparing response plans for such incidents.
ROLES and RESPONSIBILITIES
- Day-to-day operation of the in-place security systems, including, but not limited to, endpoint security, SIEM, vulnerability scanners, web application scanners, web proxies, e-mail filtering, and threat and anomaly detection tools.
- Perform initial analysis to determine which security events and alerts require immediate response and escalation. Investigate, recommend and implement innovative technologies or other methods that will enhance the security of the Azure/AWS environment.
- Investigate security violations and anomalies, collect incident responses, and carry out forensic investigations, where required.
- Assist with platform tuning, process automation and configuration management, and implement security monitoring to ensure optimal and secure operation.
- Perform regular analysis of network security needs and contribute to the design and integration of the required hardware and software.
- Liaise effectively with technology and development teams to ensure projects/initiatives are secure on delivery.
- Initiate automation as necessary to effectively manage system logs and security alarm reporting.
- Map Tactics, Techniques and Procedures (TTPs) to MITRE ATT&CK framework.
- Provide written summaries of security event indicators, recommend remediation activities, and other relevant information to business units. Prepare custom reports for a mixed technical and non-technical audience.
- Hands on experience of security operations (monitoring, scanning, incident response and remediation).
- Advanced knowledge of information systems security architecture, security monitoring, incident response, procedures, and best practices.
- Experience with intrusion detection/prevention systems, firewalls, perimeter security, log management, DLP and encryption, and vulnerability scan technologies.
- Strong understanding of systems and networking infrastructure.
- Scripting experience (e.g. Python).
- Experience with cloud provider ecosystems and security concepts.
- Experience working within an AWS and/or Azure cloud environment.
- Experience with a cloud SIEM such as Azure Sentinel/AWS CloudTrail etc.
- Knowledge of IT control requirements (e.g. PCI DSS, ISO 27001).
- Security experience in a regulatory environment is desirable.
- Cloud provider ecosystems and security concepts: 4 years (Preferred)
- Vulnerability scan technologies: 4 years (Preferred)
- Cloud SIEM like Azure Sentinel/AWS CloudTrail: 5 years (Preferred)
- Banking SIEM: 4 years (Preferred)