Job Description

Ensign is hiring !
Key Responsibilities
Cloud Security:

• Onboard various Cloud accounts (primarily AWS, Azure, GCP) into the CSPM tool
• Configure the CSPM tool with rules and policies to monitor the cloud services, use of terraform to manage deployment of configuration will be a bonus
• Review, triage, and analyse the alerts and misconfigurations across the configured cloud accounts
• Assess the risk and impact of identified misconfigurations and vulnerabilities, considering architectural best practises, asset criticality, and potential business impact

WAF:

• Configure WAF rules to protect client's public endpoints
• Perform advisory and assessment on WAF configurations and processes

Security Operations:

• Verify remediation actions and perform validation to ensure the vulnerabilities are resolved.
• Provide remediation guidelines and support to the respective stakeholders
• Perform ad-hoc scans and deeper investigation on the alerts as required
• Maintain dashboards and reports on findings status, trends, and progress for the client stakeholders and senior management.
• Provide regular updates on open alerts, progress toward remediation, and any exceptions or risks.
• Recommend improvements to scanning tools and methodologies for more efficient and accurate detection.
• Integrate the CSPM tool and WAF with third-party tools as required.

Qualifications and Skills

• Bachelor's degree in computer science, Information System, or related field (or equivalent work experience).
• Minimum 2 years of experience in cloud security, cloud operations, Vulnerability management or security operations.
• Minimum 2 years of experience in management of application firewall or application security.
• Hands-on experience with at least one cloud platform (AWS, Azure, or GCP)
• Experience in AliCloud is an advantage
• Knowledge of cloud security frameworks (e.g., CIS Benchmarks, NIST CSF, and similar frameworks)
• Working knowledge of API and basic python scripting skills
• Familiarity with any CSPM tools, WAF and Ticket management systems.
• Cloud certifications is an advantage
• Strong troubleshooting and communication skills, presentation skills are necessary.

Skills Required