SecOps Consultant – Azure IRC173375
|Location:||Ukraine - Kyiv|
|Designation:||Senior Software Engineer|
We represent our teams to enterprise clients across industries, establishing business relationships. We collaborate as a team and cross-functionally to ensure the success of our customers, success that is celebrated and shared. Our solutions bring value to every line of business and we passionately articulate our value proposition.
If driving real change gives you a sense of pride, and you are passionate about powering social good, we’d love to hear from you.
- – 5+ years of IT experience with at least 3 years of experience working on cybersecurity.
- – Experience implementing and administering Azure Cloud Security Posture Management (CSPM) & Cloud Workload Protection Platform (CWPP) tools – e.g., Prisma Cloud, Dome 9, Lacework, etc.
- – Solid understanding of security fundamentals as they pertain to Azure Cloud Security and Compliance.
- – Strong working knowledge and experience with log analysis using a SIEM including writing and tuning rules for alerts, reading and interpreting logs from various platforms including Linux, Windows, and networking appliances.
- – Experience using IT security systems and SIEM tools like Azure Sentinel, Rapid7, SumoLogic, Guard Duty, ELK, Splunk, LogRythm, etc., EDR, and Anti-Malware technology and platforms.
- – Experience with threat models, network security, cryptography, authentication, authorization, and RBAC.
- – Solid understanding and experience with securing public cloud deployments and distributed systems using public cloud hosting, including AWS, Azure
- – Knowledge of data encryption techniques.
- – Experience in Cloud audit, review, and monitoring Security: encryption, VPC Flow logs, security groups, routing tables, ACL’s, Elastic IPs
- – Experience creating BOTS
Nice to have skills:
- – Self-motivated, energetic individual who is passionate and outcome-focused with the ability to learn with a strong work ethic and adapt quickly to changing environments and priorities.
- – Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization
- – Experience with security testing tools (Qualys, Nikto, Burp suite, Appscan, WebInspector, SQLMAP, Kali, etc.)
- – Understanding of application security patterns including web application security (OWASP top 10, XSS, injection vulnerabilities, CSRF, platform security hardening), and mobile security (device fingerprinting, Mobile authentication, and key exchange) strategies.
- – Knowledge of how to execute security testing (SAST, DAST, and SCA) implemented via a CI/CD pipeline.
- – Ability to assist in coding of custom automation of security tasks is a plus
- – Ideally an industry-recognized certification: AWS Security, Azure Security, SSCP, Security+, CISA, CCSK, CEH, or alternative.
- – Knowledge of scripts and languages such as Bash/PowerShell/Python/Go
- – Excellent computer proficiency including JIRA, Salesforce, and MS Office – Word, Excel, Outlook, SharePoint
- – Responsible for the design and development of innovative security architectures for protecting data deployed in Cloud service providers.
- – Assess day-to-day monitoring of IT security systems by reviewing end-customer security alerts and logs.
- – Assess how customer teams investigate security alerts and handle incident response.
- – Document security processes and procedures for end customers and operations teams.
- – Collaborate with InfoSec and Global Cloud Operations personnel in the analysis, discovery, and containment of cyber security incidents.
- – Provide expertise and support in the deployment of security measures and understand information security management.
- – Provide guidance for a strong security posture in direct interaction with DevOps teams in the deployment of orchestration, automation, and security configuration management throughout the SDLC pipeline/process.
- – Experience working with security assessment teams during testing to be able to convey findings to technical and non-technical audiences and analyze the results of vulnerability scans and/or penetration testing.
- – Designing and implementing automated security processes and controls to increase operational effectiveness and reduce manual processes.
- – Interfacing with infrastructure and other teams throughout the organization with the objective to provide high-quality and low-friction, security operations services and compliance with internal and regulatory security standards.
- – Preparing and documenting standard operating procedures.
- – Act as part of the incident response team providing troubleshooting, analysis, and forensics when needed.
- – Review solutions, recommendations, and risk documentation to minimize the risk of implementation of recommended products, applications, and infrastructure.
- – Stay current on IT security trends, news, and standards.
What We Offer
Exciting Projects: Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to participate in creating market-defining products using the latest technologies.
Collaborative Environment: Expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities!
Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible opportunities and options.
Professional Development: Our dedicated Learning & Development team regularly organizes certification and technical / soft skill training to help you realize your professional goals.
Excellent Benefits: We provide our consultants with competitive compensation and benefits
Fun Perks: We want you to love where you work, which is why we host sports classes, cultural, social and team building activities such as sports competitions and end-of-year corporate parties. Our vibrant offices also include dedicated GL Zones and rooftop decks where you can drink coffee or tea with your colleagues over a game of table football or darts!
About GlobalLogicGlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world. By integrating experience design, complex engineering, and data expertise—we help our clients imagine what’s possible, and accelerate their transition into tomorrow’s digital businesses. Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries. GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501) which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business.