ESB Solution Delivery and Development Lead

Job Responsibilities

1. Contribute to the application of information security measures to programs, devices, data, and system management in accordance with the policies and laws in force.
2. Participate in the implementation of the information security strategy to protect and report on information systems and prevent potential threats.
3. Monitor the current information security system and operational environment, implementing effective solutions for systems and devices.
4. Continuously monitor security events and alerts from various security tools (SIEM, IDS / IPS, etc.).
5. Coordinate with the incident response team to mitigate and remediate security threats.
6. Develop and execute playbooks and procedures for incident response.
7. Participate in post-incident reviews to improve future incident handling.
8. Generate regular reports on security incidents, trends, and SOC performance.
9. Simulate real-world attack scenarios to assess the effectiveness of existing security measures.
10. Collaborate with blue team members to refine detection and response capabilities.
11. Provide detailed reports on red team findings, including technical and strategic recommendations for improvement.
12. Maintain SOC tools and technologies (e.g., Splunk, IDS / IPS, firewalls).
13. Optimize the configuration and performance of security tools to ensure effective monitoring and detection.
14. Ensure proper access controls are in place for all SOC systems and tools.
15. Develop and maintain SOC operational policies and procedures.
16. Ensure compliance with company standards and best practices (e.g., ISO 27001, NIST).
17. Contribute to the incident response team during security events, ensuring smooth coordination and clear communication.
18. Participate in developing comprehensive security frameworks encompassing cloud infrastructure, data protection, IAM, and application security.
19. Design secure data flows between on-premises systems and cloud environments, ensuring data integrity and confidentiality.
20. Perform threat modeling to identify potential security risks within cloud architectures and develop strategies to mitigate those risks.
21. Integrate security automation tools and processes, such as IaC security scanning, automated compliance checks, and continuous monitoring.
22. Utilize DevSecOps practices to ensure security integration into the CI / CD pipeline and cloud deployments.
23. Implement advanced cloud security solutions, such as CASB, cloud-native firewalls, and CSPM tools.
24. Stay up to date with emerging security threats and cloud technologies, adapting the organization's security and cloud strategies accordingly.

Professional Certifications

Certified SOC Analyst (CSA), GIAC Certified Incident Handler (GCIH), CompTIA Security+, Splunk Core Certified User / Power User / Administrator, Offensive Security Certified Professional (OSCP), Microsoft Certified: Azure Security Engineer Associate, Certified Incident Handler (ECIH), Certified Cloud Security Professional (CCSP)