Essential duties & responsibilities:
Analyze and recommend improvements to network, system, and application architectures to enhance security.

Research, design, and implement cybersecurity solutions that protect the organization’s systems and products.

Collaborate with DevOps, Platform Engineering and Architecture teams to ensure security is embedded in the design and development of applications and systems.

Actively participate in the change management process ensuring security considerations are prioritized in system upgrades and modifications.

Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments.

Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies.

Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents.

Assess and review emerging technologies to identify potential security risks and implement mitigation strategies.

Design and deploy innovative security technologies to address evolving security challenges.

Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture.

Work closely with security architects to develop and deploy security solutions that address cloud-specific risks.

Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives.

Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses.

Qualification & Experience:

Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management

Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling.

Expertise in at least one of the following security domains: Network security (e.g., IDS/IPS, firewall hardening) , Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) , Application security (e.g., SAST, DAST, API security)

Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF), CIS Controls, HIPAA, GDPR compliance

Ability to assess compliance requirements and implement security controls to ensure adherence.

Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies.

Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders.

Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team