Job Description
<p><p><b>Key Responsibilities :</b></p><p><br/>- Design, implement, and maintain security controls across cloud, on-premise, and hybrid environments.<br/></p><p><br/></p><p>- Perform threat modeling, vulnerability assessments, and penetration testing.<br/></p><p><br/></p><p>- Monitor, detect, and respond to security incidents using SIEM and SOAR tools.<br/></p><p><br/></p><p>- Develop and maintain incident response plans and playbooks.<br/></p><p><br/></p><p>- Ensure compliance with security frameworks (ISO 27001, NIST, PCI-DSS, GDPR, SOC 2).<br/></p><p><br/></p><p>- Collaborate with DevOps and Engineering teams to embed security in SDLC (DevSecOps).<br/></p><p><br/></p><p>- Administer and monitor firewalls, IDS/IPS, endpoint security, and identity management systems.<br/></p><p><br/></p><p>- Provide technical guidance on risk management, encryption, IAM, and data protection.<br/></p><p><br/></p><p>- Conduct security awareness training for Skills & Qualifications :</b></p><p><b><br/></b></p><p>- 5-8 years of proven experience in information security, security engineering, or cybersecurity.<br/></p><p><br/></p><p>- Strong knowledge of network protocols, security architecture, firewalls, VPNs, IDS/IPS, and WAFs.<br/></p><p><br/></p><p>- Hands-on experience with SIEM tools (Splunk, QRadar, ELK, Sentinel).<br/></p><p><br/></p><p>- Proficiency in cloud security (AWS, Azure, GCP) including IAM, key management, and cloud compliance.<br/></p><p><br/></p><p>- Familiarity with secure coding practices, OWASP Top 10, and DevSecOps pipelines.<br/></p><p><br/></p><p>- Experience with vulnerability management tools (Nessus, Qualys, OpenVAS).<br/></p><p><br/></p><p>- Scripting knowledge in Python, PowerShell, or Bash for automation.<br/></p><p><br/></p><p>- Strong understanding of incident response lifecycle and digital forensics.<br/></p><p><br/></p><p>- Certifications preferred : CISSP, CEH, OSCP, CCSP, CISM, AWS/Azure Security Specialty.</p><br/></p> (ref:hirist.tech)