Sr. Information Security Engineer

 About Us:

At apexanalytix, we’re lifelong innovators! Since the date of our founding nearly four decades ago we’ve been consistently growing, profitable, and delivering the best procure-to-pay solutions to the world.   We’re the perfect balance of established company and start-up.  You will find a unique home here. 

And you’ll recognize the names of our clients. Most of them are on The Global 2000. They trust us to give them the latest in controls, audit and analytics software every day.  Industry analysts consistently rank us as a top supplier management solution, and you’ll be helping build that reputation.

Read more about apexanalytix - https://www.apexanalytix.com/about/

Job Details

The Role

Design and Implement Cloud Security Architecture:   Plan, execute, and manage cloud security architecture using Azure Sentinel, M365 Defender Suite, and Azure Security to ensure the organization's cloud infrastructure is secure and compliant.

·        Penetration Testing and Vulnerability Management:   Conduct regular penetration testing and vulnerability assessments to identify weaknesses in the organization's cloud infrastructure, applications, and networks, and implement remediation measures to address identified vulnerabilities.

·        Cloud Security Incident Response: Serve as the primary point of contact for cloud security incident response, ensuring timely and effective processing, containment, and remediation of security incidents in the cloud environment.

·        Azure Sentinel and M365 Defender Suite Management: Manage and configure Azure Sentinel and M365 Defender Suite to monitor and respond to security threats in the cloud environment, including threat hunting, incident response, and security analytics.

·        DevOps Security Integration: Collaborate with DevOps teams to integrate security into the CI/CD pipeline, ensuring that security is a key consideration throughout the software development lifecycle.

·        Cloud Security Compliance and Governance: Ensure cloud security compliance with relevant regulations and standards, such as HIPAA, PCI-DSS, and GDPR, and maintain up-to-date knowledge of cloud security governance best practices.

·        Cloud Security Monitoring and Reporting: Generate daily, weekly, and monthly reports on cloud security monitoring activities, providing insights and recommendations to stakeholders on cloud security posture and risk mitigation.

·        Cloud Security Risk Assessment and Mitigation: Conduct regular cloud security risk assessments to identify potential security risks and implement corrective actions to mitigate them.

·        Cloud Security Awareness and Training: Educate and train staff on cloud security awareness and best practices, ensuring that all employees understand their roles and responsibilities in maintaining cloud security.

·        Stay Up-to-Date with Cloud Security Trends and Technologies: Stay current with the latest cloud security trends, tools, and technologies, including Azure Sentinel, M365 Defender Suite, and Azure Security, to ensure the organization's cloud security posture is current and effective.

The Must Haves -

·        Bachelor's degree in Computer Science, Information Security, or related field.

·        Minimum of 5 years of experience in cloud security or related roles, with a focus on Azure Sentinel, M365 Defender Suite, Azure Security, penetration testing, and DevOps security.

·        Strong knowledge of cloud security architecture, cloud security compliance, and cloud security governance.

·        Experience with Azure Sentinel, M365 Defender Suite, and Azure Security, including configuration, management, and troubleshooting.

·        Strong understanding of DevOps security principles and practices, including integration of security into the CI/CD pipeline.

·        Certifications in cloud security, such as Azure Security Engineer Associate or Microsoft Certified: Azure Security Engineer, are highly desirable.

Preferred skills:

Experience with cloud security automation tools, such as Azure Functions, Azure Logic Apps, or PowerShell.

Knowledge of cloud security frameworks and standards, such as NIST Cybersecurity Framework or ISO 27001.

Experience with containerization and serverless computing, including Docker, Kubernetes, or Azure Functions.

Strong understanding of threat intelligence and threat hunting, including experience with threat intelligence platforms and tools.

Over the years, we’ve discovered that the most effective and successful associates at apexanalytix are people who have a specific combination of values, skills, and behaviors that we call “The apex Way”. Read more about The apex Way - https://www.apexanalytix.com/careers/

Benefits

At apexanalytix we know that our associates are the reason behind our successes. We truly value you as an associate and part of our professional family. Our goal is to offer the very best benefits possible to you and your loved ones. When it comes to benefits, whether for yourself or your family the most important aspect is choice. And we get that. apexanalytix offers competitive benefits for the countries that we serve, in addition to our BeWell@apex initiative that encourages employees’ growth in six key wellness areas: Emotional, Physical, Community, Financial, Social, and Intelligence.

With resources such as a strong Mentor Program, Internal Training Portal, plus Education, Tuition, and Certification Assistance, we provide tools for our associates to grow and develop.