Job Description – Security Engineer (Hardening, Active Directory & Endpoint Security)
This role is ideal for a security professional with deep expertise in
endpoint hardening, Active Directory security governance, and enterprise
security configuration management.
Position: Security Engineer
Experience: 5–10 Years
Location: Flexible / Hybrid / Onsite
Job Summary
We are seeking an experienced Security Engineer with strong expertise
in system hardening, Active Directory security, Group Policy management, and
endpoint security. The ideal candidate will be responsible for reviewing,
implementing and maintaining security baselines, ensuring compliance with CIS
Benchmarks, managing AD security policies, and strengthening endpoint
protection across the enterprise environment.
Key Responsibilities
- Implement and maintain server and workstation
hardening standards based on CIS Benchmarks and industry best
practices.
- Perform security assessments, gap analysis, and
remediation activities for Windows and Linux environments.
- Design, configure, and manage Active
Directory Group Policies (GPOs) to enforce security controls and
compliance requirements.
- Develop and maintain security baselines for
servers, databases, and virtual environments.
- Configure and manage endpoint security
solutions, including antivirus, EDR/XDR, application control, device
control, and encryption technologies.
- Monitor endpoint security posture and remediate
vulnerabilities identified through security scans and audits.
- Collaborate with infrastructure and application
teams to implement security controls without impacting business
operations.
- Conduct security reviews of AD configurations,
privileged accounts, service accounts, and authentication mechanisms.
- Support vulnerability management activities,
including risk assessment, remediation tracking, and compliance
reporting.
- Create and maintain security documentation,
hardening standards, and operational procedures.
- Participate in incident response activities
related to endpoint and infrastructure security.
Required Skills
- Strong experience in Windows Server and
Active Directory Administration.
- Hands-on experience implementing CIS
Benchmarks for Windows, Linux, and endpoint systems.
- Expertise in Group Policy Objects (GPOs),
security templates, and AD security best practices.
- Experience with endpoint security platforms
such as Microsoft Defender for Endpoint, CrowdStrike, SentinelOne,
Trellix, or Symantec Endpoint Security.
- Strong understanding of security controls
including:
  - Privileged Access Management (PAM)
  - Multi-Factor Authentication (MFA)
  - Endpoint Encryption
  - Application Whitelisting
  - Device Control
- Experience with at least one vulnerability
management tool such as Tenable, Qualys, or Rapid7.
- Knowledge of security frameworks and standards
including CIS, NIST, and ISO 27001.
- Scripting experience using PowerShell
for automation and security policy deployment.
Preferred Qualifications
- Bachelor's degree in Computer Science,
Information Security, or related field.
- Security certifications such as:
  - CISSP
  - Security+
  - Microsoft Security Certifications
  - GIAC Certifications
  - CIS Benchmark-related certifications
- Experience in enterprise-scale security
operations and compliance environments.
Key Competencies
- Security Hardening & Compliance
- Active Directory Security
- Group Policy Administration
- Server and Database Security
- Vulnerability Management
- Incident Response Support
- Security Automation
- Risk Assessment & Remediation
Job Description – Security Analyst (Zero Trust & Zscaler)
This role is ideal for a security professional experienced in
implementing Zero Trust strategies, managing Zscaler Private Access
solutions, and securing enterprise application access through identity-driven
security controls.
Position: Security Analyst – Zero Trust Security
Experience: 4–8 Years
Location: Flexible / Hybrid / Onsite
Job Summary
We are seeking a Security Analyst with hands-on experience in Zero
Trust Architecture (ZTA) and Zscaler Security Solutions,
particularly Zscaler Private Access (ZPA). The ideal candidate will be
responsible for designing, implementing, and managing secure access policies,
profiling user access, and ensuring compliance with Zero Trust security
principles across the enterprise environment.
Key Responsibilities
- Configure, administer, and maintain Zscaler
Private Access (ZPA) environments.
- Design and implement Zero Trust access
policies based on user identity, device posture, application
sensitivity, and business requirements.
- Profile and analyze user access patterns to
ensure least-privilege access and reduce security risks.
- Create, modify, and optimize access control
policies for internal applications and services.
- Collaborate with Identity and Access Management
(IAM) teams to integrate authentication and authorization controls.
- Monitor ZPA logs, user activities, and security
events to identify anomalies and potential threats.
- Troubleshoot user connectivity and access
issues within Zscaler environments.
- Conduct periodic reviews of access permissions
and recommend policy improvements.
- Support security audits, compliance
initiatives, and risk assessments related to access management.
- Develop and maintain documentation for ZPA
configurations, policies, and operational procedures.
- Work closely with network, infrastructure, and
application teams to onboard applications into the Zero Trust framework.
Required Skills
- Strong experience with Zscaler Private
Access (ZPA) administration and policy configuration.
- Good understanding of Zero Trust
Architecture (NIST 800-207) principles and implementation.
- Experience profiling users, applications, and
access requirements to build secure access policies.
- Knowledge of Identity Providers (IdPs) such as:
  - Microsoft Entra ID (Azure AD)
  - Okta
  - Ping Identity
  - ADFS
- Experience with authentication technologies
including:
  - SAML
  - OAuth
  - OpenID Connect (OIDC)
  - Multi-Factor Authentication (MFA)
- Understanding of networking concepts including
DNS, TCP/IP, VPN, SSL/TLS, and application connectivity.
- Experience with security monitoring, log
analysis, and incident investigation.
- Familiarity with SIEM platforms such as Splunk,
Microsoft Sentinel, or QRadar.
Preferred Qualifications
- Experience with additional Zscaler products
such as:
  - Zscaler Internet Access (ZIA)
  - Zscaler Digital Experience (ZDX)
  - Zscaler Client Connector
- Knowledge of cloud security concepts across
AWS, Azure, or GCP.
- Experience with Privileged Access Management
(PAM) solutions.
- Relevant certifications:
  - Zscaler Certified Administrator (ZCCA)
  - Zscaler Certified Professional (ZCCP)
  - Security+
  - CISSP
  - CCSP
Key Competencies
- Zero Trust Architecture
- Zscaler Private Access (ZPA)
- Identity & Access Management
- Access Policy Management
- User Access Profiling
- Security Monitoring & Analysis
- Risk Assessment & Compliance
- Incident Investigation & Troubleshooting
Job Description – Application Security Analyst / System Security Architect
This role is ideal for a security professional who can represent
Information Security during project planning and implementation, ensuring
that security requirements are embedded into new initiatives from inception
through deployment.
Position: Application Security Analyst / System Security Architect
Experience: 7–12 Years
Location: Hybrid / Onsite
Job Summary
We are seeking an experienced Application Security Analyst / System
Security Architect to act as the Information Security representative
(proxy) for new business and technology initiatives. The role will be
responsible for evaluating security requirements, conducting architecture and
risk reviews, ensuring compliance with enterprise security standards, and
providing security guidance throughout the project lifecycle.
Key Responsibilities
- Serve as the Information Security (IS)
representative/proxy for new initiatives, projects, and technology
implementations.
- Participate in project discussions,
architecture reviews, and design workshops to identify security risks
and required controls.
- Perform security assessments, threat modeling,
and risk analysis for new applications, systems, and infrastructure
solutions.
- Review application and system architectures to
ensure alignment with security policies, regulatory requirements, and
industry best practices.
- Provide security recommendations related to
authentication, authorization, encryption, network security, and data
protection.
- Partner with business, application development,
infrastructure, cloud, and third-party vendors to integrate security
requirements early in the project lifecycle.
- Review security exceptions and recommend risk
mitigation strategies.
- Support governance, risk, and compliance
activities, including audit and regulatory requirements.
- Evaluate cloud and on-premises solutions for
security risks and control effectiveness.
- Track remediation of identified security gaps
and vulnerabilities.
Required Skills
- Strong experience in Application Security,
Security Architecture, or Information Security Consulting.
- Experience conducting security architecture
reviews, threat modeling, and risk assessments.
- Knowledge of secure software development
practices and application security controls.
- Understanding of security frameworks such as NIST,
ISO 27001, CIS Controls, and OWASP Top 10.
- Experience with cloud security concepts across AWS,
Azure, or GCP.
- Strong understanding of:
  - Identity and Access Management (IAM)
  - Encryption and Key Management
  - Network Security
  - Secure SDLC
  - Vulnerability Management
  - Third-Party Risk Assessments
- Ability to communicate security risks and
recommendations to both technical and business stakeholders.
Preferred Qualifications
- CISSP, CCSP, CISM, SABSA, TOGAF, or equivalent
security certifications.
- Experience in financial services, banking, or
highly regulated environments.
- Familiarity with security governance,
regulatory compliance, and audit processes.
Key Competencies
- Security Architecture Review
- Application Security
- Threat Modeling & Risk Assessment
- Secure Design & Governance
- Cloud Security
- Stakeholder Management
- Security Consulting
- Compliance & Regulatory Support