IT Security Analyst

Summary

Join our team at TechBiz Global as a Senior Information Security Specialist and contribute to the security of our globally distributed IT infrastructure.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field
• 3+ years of experience in information security, with a focus on identity and access management, network security, and cloud security
• Strong understanding of security principles, including threat modeling, risk assessment, and vulnerability management
• Proficiency in Active Directory, Azure AD, and other identity and access management tools
• Experience with security tools such as firewalls, intrusion detection systems, and SIEM solutions
• Knowledge of cloud security best practices, particularly in AWS or Azure
• Strong analytical and problem-solving skills
• Excellent written and verbal communication skills

Responsibilities

• Manage and maintain Active Directory (AD) permissions, ensuring appropriate Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) policies
• Review and implement single sign-on (SSO) solutions to streamline user access while maintaining security
• Ensure proper patching and vulnerability management for all infrastructure components
• Monitor and respond to CrowdStrike alerts, implementing necessary mitigations
• Develop and enforce Bring Your Own Device (BYOD) policies to secure endpoints accessing the network
• Secure infrastructure components by implementing and managing firewalls and other security policies
• Ensure that no public IPs are exposed unnecessarily and that communication between applications is secure and efficient
• Verify that critical data, especially customer data, is not exposed outside the organization
• Ensure that authentication and authorization mechanisms are correctly implemented, particularly for external applications connecting to ERP systems
• Collect and analyze logs from applications and devices to monitor for unusual activities
• Audit user and application activities, ensuring compliance with security policies
• Trigger and manage alerts for critical security incidents, and ensure that Intrusion Prevention System (IPS) capabilities are active and effective in the cloud environment
• Research the market cyber security trends and prepare training appropriately
• Develop and maintain comprehensive documentation, including guidelines, policies, and flow diagrams for security procedures and incident response plans

Preferred Qualifications

Industry certification like Security+, CCSP, Google Cloud Security Certifications (e.g., Cloud Security Engineer, Certified Cloud Security Professional), Azure Security Certifications (e.g., Azure Security Engineer Associate, Azure Security Expert), Microsoft 365 Certifications (e.g., Microsoft 365 Certified: Security Administrator)