- Work with Technical teams and Business Units across the organization as a reference point for overall Cloud Security Management and operations, offering advice, support, and guidance on the wide range of security issues pertaining to Cloud Security.
- Work on and support daily operations of Microsoft Azure technologies, primarily Microsoft Purview and Microsoft Information Protection, Microsoft Defender for Cloud Apps, Exchange, and Endpoints, Cloud Security Posture Management, Privileged Identity Management, Security Configurations in Microsoft Entra ID, MS Teams and Azure deployments.
- Carry out proactive comprehensive security reviews such as data leakage reviews, risky users sign-in, access reviews, insider risk management, defender alert reviews, etc. across M365 deployments at internal and external clients, and work towards remediation and reporting of identified anomalies, deviations and breaches.
- Carry out Vulnerability Assessment on the deployed Cloud Infrastructure (and IT infrastructure, as required), report the vulnerabilities based on the Vulnerability and Risk Management framework, and track through resolution and revalidation.
- Take ownership to remediate the vulnerabilities identified in Cloud and On-Prem infrastructure in collaboration with respective IT product owner teams and revalidate the remediation before closure. Such vulnerabilities could be identified through Vulnerability Assessments, Security Posture Assessments, Penetration Tests, Cloud Security Assessments.
- Carry out security architecture and configuration assessments to identify the current state of security and compliance posture in the deployed cloud technologies, help respective teams remediate the identified gaps, and track till closure.
- Provide day-to-day operational support, including responding to security incidents, service requests, and tasks related to cloud platforms, deployed technologies on cloud or on-prem environment for internal and external clients as per the business requirements.
- Responsible for Information Security Incident Management for Cloud platforms, Cloud and On-Prem technologies being used in the internal and client environment as per the business requirement.
- Serve as a primary responder for Security incidents or vulnerabilities in the Cloud infrastructure, take ownership of the configuration issues, and track them through resolution.
- Monitor security logs, or liaise with the teams monitoring them, for the entire cloud infrastructure to identify potential threats, vulnerabilities, and indicators of compromise, act on remediation, and report anomalies to the management. Work with the SOC team to build security use cases on SIEM and SOAR platforms to proactively monitor the Cloud infrastructure, cloud and on-prem technologies.
- Daily monitoring and administration of deployed cloud security infrastructure and assurance tools.
- Help teams in designing and deploying Disaster Recovery technologies and implementing the Disaster Recovery operations over Cloud platforms. Work on developing Disaster Recovery Playbooks and recovery strategies for the organizational IT infrastructure.
- Design, implement, support, maintain and manage Cloud security technologies – such as CASB (Cloud Access Security Broker), Cloud ATP (Advanced Threat Protection), Data Loss Prevention, Data Classification and Protection, Information Rights Management, Vulnerability Management, Incident Response Management, and other cloud-based technologies based on the business requirements, and the integrations used to deliver internet-scale intelligence and managed security products.
- Develop security baselines and security hardening guidelines for Cloud technologies and platforms being used by the internal teams and clients as per the business requirements.
- Provide security inputs to the technical design and architecture of cloud solutions and technologies during the design stage and ensure they meet the security standards and best practices, and validate the incorporation of all the security requirements before deployment of solution/technology.
- Provide security inputs during the designing / development / configuration of application in the cloud infrastructure, and validate the incorporation of all the security requirements before application deployment.
- Accurately produce Technical High-Level and Low-Level Designs and documentation related to Cloud Infrastructure, application and Cloud Security services.
- Attend or lead Technical discussion meetings to gather the information required to create the High-Level or Low-Level Technical Design Specification, and make sure all the cloud-related requirements are correctly covered in the provided solution.
- Perform periodic security configuration and compliance reviews against the approved established security baseline controls.
- Provide assurance of secure configuration, administration, and operations of Access Management, Data Discovery, Data Classification, Information Rights Management, Asset Management, Disaster Recovery, and Application Security over the Cloud platforms.
- Provide inputs and guidance to IT teams and other Business Units on the Cloud Security and Compliance roadmaps, architecture design, security baselining, security hardening, configuration and compliance reviews, identity and access governance for Cloud infrastructure.
- Ensure that Cloud infrastructure is deployed and managed in-line with the organization's information security policies, defined security baseline controls, cloud security best practices, international standards, and local regulations.
- Ensure all solutions exhibit high levels of performance, security, scalability, maintainability, and appropriate reusability and reliability upon deployment.
- Formulate and implement processes, procedures, standards and guidelines for all the cloud security related domains.
- Produce weekly and monthly reports on the Cloud infrastructure's security status and availability status for the management.
- Maintain knowledge and views on Cloud Technology Futures; maintain technical skills and knowledge of market trends and competitive insights.
Secondary:
- Monitoring and management of overall information security incidents, analysis, containment, response, remediation, and post-incident analysis reporting to the management.
- Create and maintain threat modeling documentation for the systems and applications being used by the organization.
- Day-to-day operations of Information Security Governance technologies such as IAM (on-prem or cloud deployment), along with end-to-end management of Identity and Access management processes.
- Operating Data Protection Technologies (on-prem or cloud deployment) such as Data Loss Prevention, Data Classification, Information Rights Management, Web Filtering, UEM security, etc. Experience with Forcepoint DLP, Forcepoint CASB, Data Classification technologies, Information Rights Management tools, Web Proxy and Email Security Gateway tools is a definite added advantage.
- Knowledge of implementing and managing a Data Protection Program in an organization, and of collaborating with business teams across the organization to raise awareness of Data Protection.
- Experience in identifying, handling, reporting and remediating data security incidents on a day-to-day basis.
Education:
- Bachelor's degree in Computer Science, Computer Engineering, Information Technology, Information Systems or equivalent
- Additional education in the field of Information Security / Cyber Security is a definite advantage
Minimum Work Experience:
- Overall 5 to 10 years of experience in Information Security and Cloud Security Services Domains.
Preferred Certifications/Training (Important):
- Microsoft Information Protection Administrator
- Azure Security Engineer Associate
- Microsoft Cybersecurity Architect Expert
- Microsoft Identity and Access Administrator Associate
- Certificate of Cloud Security Knowledge (CCSK)
- CompTIA Net+ and CompTIA Sec+
Preferred Certifications/Training or equivalents (Good to Have):
- Certified Cloud Security Professional (CCSP)
- Certified Information Systems Security Professional (CISSP)
- CompTIA Cloud+ Certification or Training
- Azure Solutions Architect Expert
- Certified Kubernetes Security Specialist (CKS)
- Certified Ethical Hacker (CEH)
- Certified Incident Handler (ECIH)
- CCNA or CCNP (Routing and Switching, or Security)
- ITIL v3 Foundation or higher
Soft Skills:
- Excellent verbal and written communication
- Good Presentation skills
- Detailed documentation and proof-reading
- Ability to travel to customer sites as needed