Strong analytical skills and cross functional knowledge across multiple security platforms and other infrastructure disciplines • Deep knowledge of Infrastructure security architectures, vulnerabilities and controls including Active Directory, Azure Active Directory, Cloud IaaS/PaaS and network implementations. • Deep knowledge of application security vulnerabilities, testing techniques, and the OWASP framework. • Experience in using security tools across different facets of infrastructure and applications. (SIEM, EDR, Threat Hunting (scripting), Vulnerability Exploitation, IAM, PAM etc.) • Skilled in Security Penetration covering Microsoft Enterprise Environment (On-Premises and Cloud) • Skilled in the Microsoft Security Stack (Defender, Sentinel, Endpoint Management) • Skilled PowerShell & API Scripter (Python, C++, KQL will be advantageous) • Experience in Penetration Testing and/or simulating of security events for controlled testing and validating of infrastructure and application environments • Be able to articulate vulnerabilities, defects, technical controls and risks, with the Business in a manner that can be easily understood. • Experience of Security frameworks like NIST and IEC 62443 • Strong Investigation and Postmortem analysis skills with the expectation to discuss the root causes of an issue as they come up. • Solid project management skills. • Strong written and verbal communication skills. • Good problem-solving skills. Analyze information to identify security control and/or capability gaps that impacts the organization's security posture • Provide advice and consultancy to internal customers on application and infrastructure threats and vulnerability remediation • Consume and prioritize vulnerability results; provide remediation guidance and help eliminate false positives. • Attend design and application architectural reviews and actively lead the discussions from a security standpoint • Create formal written documentation of findings and recommendations to address vulnerabilities; assist development teams with writing patches for discovered vulnerabilities; assist security, server management, desktop, private/public cloud and application development teams with identifying and remediation of vulnerabilities • Enhance the current controls and oversight of the various compute environments (private/public cloud, IaaS, PaaS and SaaS), reviewing configuration and designs and documenting improvements when necessary. • Expand the use of automation in securing the environment and across multiple technology platforms. • Provide the Interface between the local business unit and the global security team
Apply Now