Job description

Key Responsibilities - Administer and optimize DLP solution for data governance, risk, and compliance. - Participate in the Security Operations Center (SOC) on-call rotation, triaging and investigating security incidents using Microsoft Defender, Sentinel, and Splunk. - Implement and manage security solutions across network, systems, and cloud environments, including endpoint security and hardening tools. - Monitor and analyze data from various sources (network logs, user activity, access control, behavioral indicators) to identify and respond to threats. - Report on coverage of security tool deployment and ensure gaps and risks are documented. - Work with other security teams to ensure logging is in place, vulnerabilities are addressed, and training is provided. - Implement security policies, standards, and procedures for infrastructure and data security, including hardening standards for IT deployments. - Research and evaluate new security technologies and provide recommendations to leadership. - Conduct regular audits and assessments to evaluate program effectiveness and escalate issues or risks as needed. - Ensure cloud deployments are secure and compliant with infrastructure security standards. Skills and Experience - Understands key business drivers and applies this understanding to daily work. - Delivers high-quality work and positively influences team outcomes; adheres to guidelines and policies. - Explains complex technical information in straightforward situations; collaborates effectively across teams. - Demonstrates expanded conceptual knowledge in cybersecurity, data governance, and SOC operations. - Provides informal guidance to new team members and supports knowledge sharing. - Solves problems in straightforward situations using technical experience, judgment, and precedents. - Experience with Microsoft Purview, Defender, Sentinel, and Splunk. - Proficient in SIEM, UEBA, DLP, and EDR platforms. - Hands-on experience with endpoint security and hardening frameworks (e.g., CIS Benchmarks). - Experience with cloud platforms (AWS, Azure, GCP) and cloud security tools. - Understanding of scripting languages (PowerShell, Python, Bash). - Strong knowledge of network, system, and cloud security concepts. - Experience - At least 3–5 years of experience in cybersecurity, with a focus on infrastructure and SOC operations. - Certifications - Preferable but not required: Security+, CISSP, CISM, AZ-900, SC-900. - Education - Bachelor’s degree in Computer Science, Information Technology, or a related field is preferred.

Requirements