Key Responsibilities
- Identity and Access Management (IAM)
- Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments.
- Administer user accounts, roles, and permissions following the principle of least privilege.
- Perform periodic access reviews and audits to ensure compliance with organizational policies.
- Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions. Collaborate with application teams to implement secure authentication and authorization protocols.
- Vulnerability Management
- Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent.
- Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams.
- Maintain and improve patch management processes to address identified vulnerabilities.
- Monitor and track emerging threats, ensuring timely implementation of mitigation measures. Create and present vulnerability management dashboards and reports for stakeholders.
- Security Operations
- Monitor and respond to security incidents, ensuring quick containment and resolution.
- Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions.
- Conduct root cause analysis for incidents and implement preventive measures.
- Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks. Develop and update runbooks and incident response procedures.
- Collaboration and Governance
- Work closely with DevOps, infrastructure, and application teams to integrate security best practices.
- Participate in security assessments, audits, and risk analysis exercises.
- Support the development and enforcement of security policies and standards. Provide security awareness training to teams and stakeholders.
- Documentation and Reporting
- Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities.
- Provide periodic compliance and risk reports to management and relevant stakeholders.
Qualifications and Skills
- Proven experience in IAM, vulnerability management, and security operations.
- Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys).
- Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions.
- Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud.
- Strong analytical and problem-solving skills with attention to detail.
- Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable.
नौकरी रिपोर्ट करें
