Network and Infrastructure Security Consultant

responsible and empowered to provide governance and management of cyber security for B2B customer facing solutions and environments.

The Senior consultant will ensure that SD&A systems are up to date, hardened and compliant with all applicable internal, external and regulatory requirements. This is to ensure the availability, confidentiality, and integrity of SD&A systems.

Perform custodian activities for incident management

Improve the incident management process and maintain the same

Conduct reporting activities in line with business and management requirements.

Assist in the responsibilities for the review of vulnerabilities' data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies and a changing environment including infrastructure and applications to determine risk rating of vulnerabilities to business assets.

Assist in improving and automating existing vulnerability management lifecycle. Including but not limited, data ingestion & normalization, compliance metrics and detections on assets.

Assist in partnering with tools and technology teams to troubleshoot, develop, select, implement and automate appropriate security solutions to keep system data protected from internal and external threats.

Assist in providing support and resolution for scanning and vulnerability remediation reporting issues.

Assist in working with the Business to effectively communicate the risks of identified vulnerabilities.

Stay informed and updated with current vulnerability information across all the products in the SD&A environment.

Provides analysis and validation post remediation, opportunities for improvements.

Assist in ensuring scan results are presented in appropriate dashboards, reports, and forwarded to relevant stakeholders etc.

Assist in interfacing with third-party vendors in improving the overall scanning process.

Perform any other duties as assigned by relevant management.

Provides Tier 3 level support to all security incidents, requests and identifies the root cause of incidents and problems

Oversight and governance over Key ITIL processes relevant to cyber security – Backup/ Recovery, Patching, Upgrades/Updates, EoL/EoS replacements

Testing and identifying network and system vulnerabilities

Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls

Ensure compliance with current and future regulatory requirements related to information security.

Actively participate in the design and implementation of applications, services, and infrastructure to ensure security and privacy design principles are being followed

Identify vulnerabilities, missing patches, and misconfigurations across our cloud, on-premise, and employee infrastructure and ensure there is a scalable approach to prioritizing fixes for any issues identified

Identify security design gaps in existing and proposed architectures and escalate as needed

Identify and escalate risks associated with business processes, operations, information security programs, and technology projects

Assist in the design, build, and implementation of service provider-class security systems for a production environment

Recommend and assist in creating or improving processes/solutions that balance business requirements with information and cyber security requirements

Manage, and where required develop, industry best practice guidance and security hardening guidelines for all SD&A systems.

Manage the Identity and Access Management (IAM) Program.

Manage all internal and external security compliance engagement activities.

Communicate the compliance posture and effectiveness to management on a scheduled basis.

Provide technical leadership and expertise in cybersecurity to ensure the security of the global network infrastructure.

Collaborate with cross-functional teams to align security architecture with business objectives and regulatory requirements.

Stay updated on the latest cybersecurity trends and best practices to enhance the organization's security posture.

Actively seeking out the latest research on attacks and countermeasure. Incident Response experience and or threat actors understanding is beneficial.

Very good understanding around Privilege Access Management

Be the single point of contact for all security related incidents and requirements and provide follow up and action within SD&A for any open incidents