Lead, manage, and perform ongoing cybersecurity activities and related tasks, ensuring alignment with the Director of Cloud Engineering, Cybersecurity, and Compliance.
Lead, define, and implement the vulnerability remediation program for applications (software & firmware) and cloud infrastructure.
Maintain end-to-end visibility on the overall impact of remediation efforts.
Design and implement industry standard technical security measures for software and cloud infrastructure, leveraging frameworks such as GovRAMP/StateRAMP, NIST 800-53.
Liaison with SOC Team for ensuring real-time and accurate monitoring and reporting of prevention and detection activities.
Identify opportunities for improvement in collaboration with the SOC team.
Provide recommendations for initiatives to enhance the company’s cybersecurity and operational resilience.
Review architecture and make recommendations for improvements and new solutions.
Spearhead and design the end-to-end execution of the company’s Recovery Strategy.
Lead the implementation of robust containment and eradication strategy for the Azure cloud platform and hosted applications.
Design the Incident Response Plan for isolation of potential issues, implement mitigation and hardening measures.
Implement data loss prevention measures in Azure to protect sensitive information.
Manage identity and authentication measures in Azure and identify mechanisms to enhance security.
Recommend solutions to suit business requirements and enhance measures for encryption of data in transit and at rest.
Support management in periodic reporting of the cybersecurity posture and provide necessary evidence for the ongoing audits.
Advise on implementation of cloud security measures, IAM, WAF, and MS Defender policies.
Prepare and maintain comprehensive security reports, logs, and documentation.
Knowledge of embedding security into the CI/CD pipeline and development processes utilizing GitHub Advanced Security.
Gathering and utilizing threat intelligence to proactively defend the environment.

Requirements

5+ years of experience in leading diverse cybersecurity initiatives from design through implementation and adoption for applications and cloud infrastructure (Azure).
Experience with Microsoft Azure, GitHub Advanced Security, SonarQube, MS Defender for Cloud, Zscaler, Tenable
Experience with Jenkins, GitHub, Docker, and general workflow of CI/CD pipelines.
Windows, Cloudflare, Kali, Linux, (automation)
Experienced conducting penetration testing for applications, networks, and cloud infrastructure.
Experience with Hardware devices or components is a good to have.
Experience in analyzing vulnerabilities, conduct assessments, evaluating the environment for potential threats and experience with providing and implementing remediation solutions is expected.
Knowledge with SIEM (Microsoft Sentinel) and EDR tools (SentinelOne)
Solid knowledge of IAM, WAF, vulnerability management, and incident response
Knowledge of DevSecOps practices and CI/CD integration
Experience with forensic tools and disaster recovery planning
Exposure to threat intelligence platforms and third-party risk tools
Familiarity with security frameworks (NIST, ISO 27001) and regulatory compliance
Knowledge of NIST CSF or NIST 800-53 is good to have (partial adoption)
Familiarity with Jira and Confluence is nice to have.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurityvulnerability remediationincident responsepenetration testingdata loss preventionidentity and access management (IAM)DevSecOpsvulnerability managementdisaster recovery planningthreat intelligence

Soft Skills

leadershipcollaborationcommunicationproblem-solvinganalytical thinkinginitiativeadaptabilitystrategic planningreportingrecommendation