Skills

Network Security Vulnerability Assessment Cloud Security CI/CD DevOps Security Testing Azure Terraform Microsoft Azure

Job Specifications

Application Security Operations:

**Oversee the operational use and effectiveness of application security tools, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA).

** Collaborate with development and DevOps teams to integrate security testing into the CI/CD pipeline and ensure vulnerabilities identified by these tools are triaged and remediated effectively.

** Provide guidance on interpreting scan results and prioritizing remediation efforts for application-level vulnerabilities.

** Handling container security, ensuring base images are updated

Cloud Security :

** In-depth knowledge and hands-on experience with Microsoft Azure security services, specifically Microsoft Defender for Cloud, Entra ID and Azure Sentinel (SIEM/SOAR)

** Proficiency in assessing and hardening Azure environments, including IaaS, PaaS, and network security configurations.

** Defining and enforcing policies for Terraform, ARM templates, or Bicep.

Infrastructure Vulnerability Management:

** Proactively manage and conduct regular vulnerability assessments and remediation efforts for our infrastructure using Microsoft Defender for Cloud

** Ensure continuous security posture management for cloud and hybrid environments, identifying misconfigurations and security weaknesses.

** Work with relevant teams to prioritize and implement recommended security controls and patches identified through Defender for Cloud.

Essential Job Functions:

Support

* Vulnerability Assessment

* Threat Intelligence

* Application Security

* Secure Cloud Configuration

* Identity and Access Management

Other Responsibilities:

Work with Security team on other technical security related issues.

Maintain security tools and software

Consult with developers on application security

Manage security ticketing system

Minimum Qualifications and Job Requirements:

5 - 8 years Application and/or Infrastructure security experience ISO experience or certification

Certifications (one or more highly preferred):

* CISSP (Certified Information Systems Security Professional)

* CISM (Certified Information Security Manager)

* *AZ-500 (Microsoft Certified: Azure Security Engineer Associate)*

* CySA+ (CompTIA Cybersecurity Analyst+)

* CEH (Certified Ethical Hacker)

Note this is a hybrid position meaning a combination of remote and on-site work in Dearborn, MI. Client current hybrid policy is 3 days in the office, Tue-Thur, with remote days on Monday and Friday. Events, issues or exceptions might increase or reduce these requirements for a given week.

About the Company

We provide tailored IT solutions to optimize logistics operations, improve efficiency and scalability, and enable real-time tracking across the supply chain. Our Focused Services: Cloud Migration and Optimization: Transition to the cloud seamlessly and optimize your infrastructure for enhanced flexibility and performance. Web Development and AI: Develop impactful digital solutions with custom web development integrated with AI technologies. Robotic Process Automation (RPA): Automate repetitive tasks to streamline operati... Know more