Job Summary:
The Cloud & Information Security Analyst is primarily responsible for ensuring the security of our On-premises & Cloud-based infrastructure and Information Systems. The incumbent will play a critical role in identifying potential security risks, implementing measures to mitigate those risks, and maintaining compliance with industry regulations and best practices. The ideal candidate will have a strong background in cloud infrastructure, information security, and risk management.
What You’ll Do
- Evaluate and assess the security posture of On-premises & cloud-based infrastructure, applications, and services.
- Assess and implement security tools & controls for Cloud platforms, such as AWS, Azure, or Google Cloud to enhance the organization’s security posture.
- Configure and monitor On-premises & cloud security tools and services, including firewalls, IAM (Identity and Access Management policies & permissions).
- Perform network administrative functions for WAN connectivity, International Sites and Multi-Homing Internet Gateways. Working with international and local carriers/ISPs for global peering and circuit installations.
- Creating Policies, Custom-Categories, URL Filtering and adding/removing URLs from local categories on Palo Alto (5050, 3020, 200, Panorama) and Cisco ASA (5510, 5515, 5525x, 5545x).
- Monitoring network through Cacti and firewall. Also, Managing Firewall, VPN and security profiles.
- Hands on experience on Cisco and Dell Managed switch series.
- Develop, implement, and maintain information security policies, procedures, and standards.
- Maintain InfoSec records as per ISO 27001 standards.
- Lead & facilitate in ISO ISMS 27001 (2013 & 2022) Information security assessments and audits (Internal & External).
- Collaborate with cross-functional teams and help prepare for audits, address security concerns, and provide recommendations.
- Conduct regular security audits and vulnerability assessments to identify potential threats and vulnerabilities.
- Stay up to date on emerging security threats, vulnerabilities, and industry best practices.
- Provide guidance, support to internal teams, and conduct security awareness training for internal teams.
- Contribute to the continuous improvement of the organization’s security posture through risk analysis and mitigation strategies.
- Monitor and analyze security alerts and events to identify and respond to security incidents.
- Document security incidents and their resolution for future reference.
- Management of M365 Infrastructure (Microsoft Admin Center, Intune) & Apps (SharePoint, OneDrive, Exchange, Teams).
What You’ll Need
- Must have CCNA, ideally CCNP | Fortinet NSE | Palo Alto PCNSA
- Must be well-versed with ISO 27001:2013 & ISO 27001:2022 Standards.
- Experience with regulatory compliance frameworks such as HIPAA, NIST or GDPR, is a plus.
- Proven experience in cloud computing platforms such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
- Knowledge of scripting languages (e.g., SQL, PowerShell) for automation and orchestration is a plus.
- Must be energetic, motivated, and creative for project implementation and support.
- Bachelor’s degree, preferably Computer Science
- 2+ years of experience in Leading Information Security Audits.
- 2-3+ years of experience in Cloud & On-premises Infrastructure, Network & System Administration.