[Urgent] L3 Security Specialist

Experience Required 8-12 years in Information Security with minimum 5 years in cloud security and SIEM operations Cloud Security Management Design implement and maintain security architectures across Azure and AWS multi-cloud environments Lead security assessments vulnerability management and penetration testing initiatives Architect and enforce security policies standards and best practices for cloud infrastructure Manage identity and access management IAM policies roles and permissions across both platforms Implement and maintain security monitoring logging and SIEM solutions Lead incident response activities and conduct root cause analysis for security events SIEM Operations Security Monitoring Design deploy and manage enterprise SIEM platforms Splunk Azure Sentinel IBM QRadar LogRhythm Develop and optimize correlation rules alerts and detection use cases Create custom parsers and data connectors for log ingestion from multiple sources Implement advanced threat hunting and analytics using SPL KQL or similar query languages Manage log retention archival and compliance requirements Integrate SIEM with SOAR platforms for automated incident response Tune alert thresholds to minimize false positives while maintaining detection effectiveness Generate security metrics dashboards and executive-level reports Conduct regular health checks and performance optimization of SIEM infrastructure Major Security Areas 1 Identity Access Management IAM Implement least privilege access and role-based access control RBAC Manage Single Sign-On SSO Multi-Factor Authentication MFA and Privileged Access Management PAM Configure Azure AD AWS IAM Okta and other identity providers Implement Just-In-Time JIT access and Privileged Identity Management PIM Conduct access reviews and entitlement management 2 Data Security Encryption Implement data classification and Data Loss Prevention DLP solutions Manage encryption at rest and in transit across all platforms Configure key management systems KMS and Hardware Security Modules HSM Implement database security controls and monitoring Design data masking and tokenization strategies 3 Endpoint Security Deploy and manage EDR XDR solutions CrowdStrike Microsoft Defender Carbon Black Implement anti-malware host-based firewalls and security agents Manage mobile device management MDM and endpoint compliance Configure application whitelisting and device control policies 4 Vulnerability Management Lead enterprise vulnerability assessment programs Manage scanning tools Qualys Nessus Rapid7 Tenable Prioritize vulnerabilities using CVSS scoring and business context Track remediation efforts and report on security posture Conduct regular penetration testing and red team exercises 5 Threat Intelligence Hunting Leverage threat intelligence feeds and platforms MISP ThreatConnect Recorded Future Conduct proactive threat hunting using MITRE ATT CK framework Analyze indicators of compromise IOCs and tactics techniques and procedures TTPs Develop custom threat detection rules and signatures Participate in threat intelligence sharing communities 6 Incident Response Forensics Lead security incident response following NIST guidelines Conduct digital forensics and malware analysis Manage security operations center SOC escalations Develop and maintain incident response playbooks Coordinate with external stakeholders during breaches 7 Cloud Security Posture Management CSPM Implement CSPM tools Prisma Cloud CloudGuard Azure Security Center Continuously monitor cloud configurations for security risks Remediate misconfigurations and security drift Enforce cloud security baselines and CIS benchmarks 8 Compliance Risk Management Ensure compliance with ISO 27001 SOC 2 GDPR HIPAA PCI-DSS NIST FedRAMP Conduct security audits and prepare compliance reports Perform risk assessments and develop risk mitigation strategies Manage security governance frameworks Develop and maintain security documentation runbooks and procedures Requirements Required Skills Expertise Cloud Platforms Azure Azure Security Center Microsoft Defender for Cloud Azure Sentinel Azure AD Azure Policy Azure Firewall Application Gateway NSGs Azure Monitor Azure Key Vault Microsoft Defender for Identity AWS AWS Security Hub GuardDuty AWS IAM Security Groups AWS WAF CloudTrail Config Inspector Macie KMS CloudWatch Systems Manager AWS Shield SIEM Security Monitoring SIEM Platforms Expert-level proficiency in Splunk Enterprise Security Azure Sentinel Microsoft Sentinel IBM QRadar LogRhythm Elastic SIEM Query Languages SPL Splunk KQL Kusto Query Language SQL for security analytics Log Management Log aggregation parsing normalization from diverse sources Windows Linux cloud network devices applications Correlation Analytics Creating correlation searches threat detection rules behavioral analytics SOAR Integration Integration with Security Orchestration and Automated Response platforms Splunk SOAR Azure Logic Apps Palo Alto Cortex XSOAR Threat Detection Building use cases for ATT CK framework anomaly detection user behavior analytics UEBA Security Tools Technologies Vulnerability Management Qualys Nessus Rapid7 Tenable OpenVAS EDR XDR CrowdStrike Falcon Microsoft Defender for Endpoint Carbon Black SentinelOne CASB Microsoft Defender for Cloud Apps Netskope Zscaler DLP Symantec DLP Microsoft Purview Forcepoint PAM CyberArk BeyondTrust Thycotic Secret Server API Security Apigee Kong AWS API Gateway security Security Frameworks Standards NIST Cybersecurity Framework CSF NIST SP 800-53 800-171 CIS Benchmarks and Controls OWASP Top 10 OWASP ASVS MITRE ATT CK Framework Zero Trust Architecture NIST SP 800-207 Cloud Security Alliance CSA Cloud Controls Matrix ISO 27001 27002 PCI-DSS HIPAA GDPR SOC 2 Highly Preferred certifications Certified Cloud Security Professional CCSP GIAC Security Essentials GSEC or GIAC Certified Incident Handler GCIH Certified Ethical Hacker CEH or Offensive Security Certified Professional OSCP Certified Kubernetes Security Specialist CKS