INFORMATION SECURITY JOB DESCRIPTION

• Proven experience in designing secure architectures for complex IT environments, including on-premises, cloud and hybrid infrastructures.
• Ability to create and maintain detailed security architecture blueprints, reference architectures, and security models.
• Deep understanding of Zero Trust Architecture principles and implementation.
• Advanced knowledge of network protocols (TCP/IP, UDP, HTTP/S, DNS, etc.), and network security mechanisms (VPNs, proxies, NAT, firewalls, WAF).
• Proficiency in configuring and managing network security devices (e.g., next-generation firewalls, IDS/IPS, network access control).
• Experience with network segmentation, micro-segmentation, and secure network design.
• Extensive experience conducting risk assessments, vulnerability assessments, and penetration testing.
• Proficiency with risk management frameworks such as ISO31000 and GRC (Governance, Risk, and Compliance) platforms.
• Capability to develop and implement risk mitigation strategies and action plans.
• Experience conducting risk assessments to identify potential risks associated with managed services.
• Ability to incorporate risk mitigation strategies into SLAs.
• Advanced knowledge of IAM protocols and technologies, including LDAP, Kerberos, SAML, OAuth, and OpenID Connect.
• Experience implementing and managing federated identity solutions and SSO across diverse applications and systems.
• Experience with IAM solutions such as Okta, Azure AD, Ping Identity, and SailPoint.
• Expertise with PAM solutions (CyberArk, BeyondTrust, Thycotic) for managing and securing privileged accounts.
• Experience in designing and enforcing policies for least privilege access and managing privileged session monitoring.
• Proficiency in secure coding practices and familiarity with languages such as Java, C#, Python, JavaScript, and their respective security considerations.
• Experience integrating security into DevOps/DevSecOps pipelines using tools like Jenkins, GitLab, SonarQube, and Checkmarx.
• Expertise in conducting code reviews and using static (SAST) and dynamic (DAST) analysis tools.
• Proficiency with SIEM platforms (Splunk, QRadar, ArcSight) for real-time security monitoring, log management, and threat detection.
• Experience with user and entity behavior analytics (UEBA) tools to detect anomalous activities and potential security incidents.
• Expertise in incident response processes, playbooks, and tools such as Mandiant, CrowdStrike Falcon, or Carbon Black.
• Proficiency in using security orchestration, automation, and response (SOAR) platforms like Demisto, Phantom, or Swimlane to automate incident response and remediation tasks.
• Experience with integrating security tools and automating workflows using APIs and scripting languages.
• Advanced understanding of cryptographic principles, algorithms (AES, RSA, ECC), and protocols (SSL/TLS, IPsec, SSH).
• Experience with implementing and managing cryptographic solutions, key management, and public key infrastructure (PKI).
• Familiarity with advanced threat protection tools and techniques, including sandboxing, threat hunting, and malware analysis.
• Experience with endpoint detection and response (EDR) and extended detection and response (XDR) platforms.
• Deep understanding of Service Level Agreements (SLAs), including their structure, components, and key performance indicators (KPIs).
• Experience with drafting, negotiating, and managing SLAs specific to security services.
• Proficiency in managing relationships with MSPs, including performance monitoring, issue resolution, and contract management.
• Define penalties or service credits for MSPs that fail to meet SLA targets.
• Ensure penalty clauses are enforceable and incentivize MSP compliance.
• Include requirements for MSP disaster recovery and business continuity plans.
• Experience in evaluating MSP capabilities, service offerings, and compliance with SLAs
• Expertise in designing and implementing role-based access control (RBAC), attribute-based access control (ABAC), and least privilege principles.
• Knowledge of software composition analysis (SCA) tools and techniques to manage open-source software risks.
• Understand current and emerging threats, attack vectors, and tactics, techniques, and procedures (TTPs) used by threat actors.
• Experience using threat intelligence platforms (TIPs) like ThreatConnect, Anomali, Recorded Future, or MISP to gather and analyze threat data.
• Indicator of Compromise (IOC) Management: Ability to identify, categorize, and manage IOCs (e.g., IP addresses, hashes, domains).
• Familiarity with hypothesis-driven threat hunting methodologies, including structured approaches like MITRE ATT&CK and Cyber Kill Chain.
• Proficiency with EDR and XDR tools like CrowdStrike, Carbon Black, SentinelOne, or Microsoft Defender for Endpoint.
• Experience using the STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) model to identify and categorize threats.
• Familiarity with the DREAD (Damage, Reproducibility, Exploitability, Affected Users, Discoverability) framework for risk assessment and prioritization.
• Proficiency in using the MITRE ATT&CK framework to map out potential adversary tactics and techniques.
• Ability to design and recommend security controls and countermeasures to mitigate identified threats.
• Skills to validate the effectiveness of implemented controls through testing and continuous monitoring.

Please refer the Job description for details