Job Description

:Key Responsibilities * Identity and Access Management (IAM)

• Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments.
• Administer user accounts, roles, and permissions following the principle of least privilege.
• Perform periodic access reviews and audits to ensure compliance with organizational policies.
• Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions.
• Collaborate with application teams to implement secure authentication and authorization protocols.

• Vulnerability Management

• Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent.
• Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams.
• Maintain and improve patch management processes to address identified vulnerabilities.
• Monitor and track emerging threats, ensuring timely implementation of mitigation measures.
• Create and present vulnerability management dashboards and reports for stakeholders.

• Security Operations

• Monitor and respond to security incidents, ensuring quick containment and resolution.
• Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions.
• Conduct root cause analysis for incidents and implement preventive measures.
• Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks.
• Develop and update runbooks and incident response procedures.

• Collaboration and Governance

• Work closely with DevOps, infrastructure, and application teams to integrate security best practices.
• Participate in security assessments, audits, and risk analysis exercises.
• Support the development and enforcement of security policies and standards.
• Provide security awareness training to teams and stakeholders.

• Documentation and Reporting

• Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities.
• Provide periodic compliance and risk reports to management and relevant stakeholders.

• Proven experience in IAM, vulnerability management, and security operations.
• Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys).
• Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions.
• Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud.
• Strong analytical and problem-solving skills with attention to detail.
• Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable.

Zensar