Minimum Requirements: Strong analytical skills and cross functional knowledge across multiple security platforms and other infrastructure disciplines Deep knowledge of Infrastructure security architectures, vulnerabilities and controls including Active Directory, Azure Active Directory, Cloud IaaS/PaaS and network implementations. Deep knowledge of application security vulnerabilities, testing techniques, and the OWASP framework. Experience in using security tools across different facets of infrastructure and applications. (SIEM, EDR, Threat Hunting (scripting), Vulnerability Exploitation, IAM, PAM etc.) Skilled in Security Penetration covering Microsoft Enterprise Environment (On-Premises and Cloud) Skilled in the Microsoft Security Stack (Defender, Sentinel, Endpoint Management) Skilled PowerShell&API Scripter (Python, C++, KQL will be advantageous) Experience in Penetration Testing and/or simulating of security events for controlled testing and validating of infrastructure and application environments Be able to articulate vulnerabilities, defects, technical controls and risks, with the Business in a manner that can be easily understood. Experience of Security frameworks like NIST and IEC 62443 Strong Investigation and Postmortem analysis skills with the expectation to discuss the root causes of an issue as they come up. Solid project management skills. Strong written and verbal communication skills. Good problem-solving skills. Responsibilities: Analyze information to identify security control and/or capability gaps that impacts the organizations security posture Provide advice and consultancy to internal customers on application and infrastructure threats and vulnerability remediation Consume and prioritize vulnerability results; provide remediation guidance and help eliminate false positives. Attend design and application architectural reviews and actively lead the discussions from a security standpoint Create formal written documentation of findings and recommendations to address vulnerabilities; assist development teams with writing patches for discovered vulnerabilities; assist security, server management, desktop, private/public cloud and application development teams with identifying and remediation of vulnerabilities Enhance the current controls and oversight of the various compute environments (private/public cloud, IaaS, PaaS and SaaS), reviewing configuration and designs and documenting improvements when necessary. Expand the use of automation in securing the environment and across multiple technology platforms. Provide the Interface between the local business unit and the global security team. #J-18808-Ljbffr