Career
Cloud Security Architect
Job Type: [Full-time/Part-time/Contract]
Department: Cyber Security
We are seeking a Cloud Security Architect to design and implement our company's cloud security architecture. The ideal candidate will possess a strong background in cloud technologies, security frameworks, and best practices. You will collaborate with IT teams to build robust security solutions that safeguard our cloud infrastructure and sensitive data.
Key Responsibilities
Monitor cloud environments for security breaches, vulnerabilities, and misconfigurations.
Develop and enforce security policies, standards, and procedures for cloud services.
Collaborate with development and operations teams to integrate security into the DevOps pipeline.
Respond to security incidents and provide remediation recommendations.
Stay informed about the latest cloud security trends, threats, and technologies.
Implement and manage security measures across cloud platforms (e.g., AWS, Azure, Google Cloud).
Conduct risk assessments and vulnerability assessments to identify security weaknesses.
Assist in compliance audits and ensure adherence to industry standards (e.g., CIS, NIST, SOC 2, PCI-DSS, GDPR).
Provide training and awareness programs for staff on cloud security best practices.
Core Focus Areas
Identity and Access Management (IAM)
Control access to cloud resources using role-based access control (RBAC).
Apply least privilege principles and enforce multi-factor authentication (MFA).
Data Protection
Encrypt data at rest and in transit.
Implement data loss prevention (DLP) measures.
Regularly back up data with disaster recovery plans.
Network Security
Deploy Virtual Private Networks (VPNs) and secure connections.
Implement firewalls and intrusion detection/prevention systems (IDS/IPS).
Segment networks to isolate sensitive resources.
Application Security
Conduct regular security testing, including vulnerability assessments and penetration testing.
Apply secure coding practices and third-party code reviews.
Security Monitoring and Incident Response
Use SIEM solutions (e.g., Sentinel, Splunk, Chronicle) for real-time monitoring.
Establish and update incident response plans.
Compliance and Governance
Adhere to regulations (e.g., GDPR, HIPAA, ISO 27001).
Conduct regular audits and assessments.
Maintain documentation of policies and security controls.
Principles of Cloud Security Architecture
Defense in Depth: Utilize multiple security layers.
Least Privilege: Limit access to necessary resources.
Resilience: Design systems to recover from incidents.
Visibility: Maintain comprehensive logging and monitoring.
Qualifications
Bachelor’s degree in Computer Science, Information Technology, or a related field.
Proven experience in cloud security architecture and cybersecurity.
Expertise in cloud platforms (AWS, Azure, GCP) and their security features.
Familiarity with security frameworks (e.g., NIST, CIS, SOC 2, PCI-DSS, ISO 27001).
Relevant certifications are highly desirable.
Strong analytical, problem-solving, and communication skills.
Preferred Skills
Proficiency in automation and orchestration tools (e.g., Terraform, Ansible).
Knowledge of container security and orchestration (e.g., Docker, Kubernetes).
Familiarity with scripting languages (e.g., Python, Bash) for automation tasks.
Benefits
Competitive salary and performance-based bonuses.
Comprehensive health, dental, and vision insurance.
401(k) plan with company matching.
Opportunities for professional development and training.
Flexible work arrangements.
Cloud Cyber Security Engineer
Job Type: [Full-time/Part-time/Contract]
Department: Cyber Security
We are looking for a Cloud Cyber Security Engineer to safeguard our cloud infrastructure. This role involves ensuring compliance with security policies, mitigating vulnerabilities, and addressing misconfigurations. The ideal candidate will possess a strong understanding of cloud technologies, security best practices, and risk management strategies.
Key Responsibilities
Monitor cloud environments for security breaches, vulnerabilities, and misconfigurations.
Develop and enforce security policies, standards, and procedures for cloud services.
Collaborate with development and operations teams to integrate security into the DevOps pipeline.
Respond to security incidents and provide remediation recommendations.
Stay informed about the latest cloud security trends, threats, and technologies.
Implement and manage security measures across cloud platforms (e.g., AWS, Azure, Google Cloud).
Conduct risk assessments and vulnerability assessments to identify security weaknesses.
Assist in compliance audits and ensure adherence to industry standards (e.g., CIS, NIST, SOC 2, PCI-DSS, GDPR).
Document security incidents and maintain detailed reports.
Provide training and awareness programs for staff on cloud security best practices.
Benefits
Competitive, industry-standard salary and performance-based bonuses.
Comprehensive health, dental, and vision insurance.
Retirement plan with company matching.
Professional development opportunities.
Flexible work environment.
Preferred Skills
Experience with security tools and technologies (e.g., firewalls; SIEM tools such as Sentinel, Splunk, and Chronicle; and other tools such as Wiz, CrowdStrike, Rapid7, and Defender for Cloud).
Knowledge of container security and microservices architecture.
Proficiency in scripting languages (e.g., Python, Bash) for automation.
Familiarity with infrastructure-as-code tools (e.g., Terraform, Ansible).
Qualifications
Bachelor’s degree in Computer Science, Cyber Security, Information Technology, or a related field.
Proven experience in cloud security and cybersecurity.
Knowledge of cloud platforms (AWS, Azure, GCP) and their security features.
Familiarity with security frameworks and compliance requirements.
Strong analytical and problem-solving skills.
Relevant certifications (e.g., Azure, AWS, GCP).
Excellent communication and teamwork skills.
SOC/MDR Analyst
Job Type: [Full-time/Part-time/Contract]
Department: Cyber Security
We are seeking an experienced SOC/MDR Analyst to join our Security Operations Center (SOC). This role focuses on monitoring, detecting, and responding to security incidents to protect our organization’s information systems. You will collaborate with security professionals to analyze threats, investigate incidents, and enhance security measures.
Key Responsibilities
Monitor security alerts and events using SIEM tools (e.g., Sentinel, Splunk, Chronicle).
Analyze and investigate security incidents to determine their impact and recommend remediation steps.
Document security incidents and provide detailed reports to management.
Stay current with the latest cybersecurity trends, vulnerabilities, and threat intelligence.
Participate in security awareness training and educate staff on security best practices.
Assist in compliance audits and maintain documentation of security policies and procedures.
Conduct proactive threat hunting to identify and mitigate potential security threats.
Maintain and update incident response plans and procedures.
Collaborate with IT teams to enhance overall security posture and incident response capabilities.
Preferred Skills
Experience with incident response and forensic analysis.
Familiarity with scripting languages (e.g., Python, PowerShell) for automation tasks.
Knowledge of cloud security concepts and technologies.
Benefits
Competitive salary and performance-based bonuses.
Comprehensive health, dental, and vision insurance.
401(k) plan with company matching.
Opportunities for professional development and training.
Flexible work arrangements.
Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Proven experience in a security operations or related cybersecurity role.
Familiarity with SIEM tools (e.g., Splunk, QRadar, Sentinel, Chronicle) and endpoint security solutions.
Strong understanding of network security, firewalls, and intrusion detection/prevention systems (IDS/IPS).
Knowledge of security frameworks and standards (e.g., NIST, CIS, PCI, HIPAA, GDPR, CCPA, ISO 27001).
Relevant certifications (e.g., Azure, AWS, GCP) are a plus.
Strong analytical and problem-solving skills.
Excellent communication and teamwork abilities.
Vulnerability Assessment and Penetration Testing (VAPT) Specialist
Job Type: [Full-time/Part-time/Contract]
Department: Cyber Security
We are seeking a dedicated Vulnerability Assessment and Penetration Testing (VAPT) Specialist to join our cybersecurity team. This role focuses on identifying, analyzing, and addressing security vulnerabilities across our organization’s systems and applications. The ideal candidate will have expertise in conducting comprehensive assessments and penetration testing to strengthen our cybersecurity ecosystem and protect critical assets.
Key Responsibilities
Conduct vulnerability assessments on web applications, networks, databases, and systems to identify security flaws.
Perform penetration testing using a variety of methodologies to simulate real-world attacks.
Analyze and prioritize vulnerabilities based on risk and organizational impact.
Collaborate with IT and development teams to communicate findings and provide remediation guidance.
Prepare detailed reports outlining vulnerabilities, risk assessments, and actionable recommendations.
Stay updated on emerging threats, vulnerabilities, and industry best practices.
Develop and maintain testing tools, scripts, and methodologies.
Participate in incident response efforts and assist with security investigations as needed.
Provide training and awareness sessions to improve the organization’s security posture.
What We Offer
Competitive salary and comprehensive benefits package.
Opportunities for professional growth and certification.
A collaborative and innovative work environment.
Exposure to diverse projects and cutting-edge security technologies.
Qualifications
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
Relevant certifications (e.g., AWS, Azure, GCP, CEH, OSCP).
Experience with vulnerability assessment tools (e.g., Nessus, Qualys, Burp Suite) and penetration testing frameworks.
Strong understanding of networking protocols, security controls, and ethical hacking techniques.
Familiarity with various operating systems (Windows, Linux, etc.) and application security practices.
Excellent analytical, problem-solving, and communication skills.
Ability to work both independently and collaboratively in a team environment.