Job Title: Information Security Specialist - Cloud & Infrastructure Security.
Location :Remote(Consultant Needs to work in EST Time Zone)
Key Responsibilities
1. Security Remediation & Hardening
• Identify and remediate vulnerabilities across cloud and on-prem systems
• Ensure 100% deployment and effectiveness of endpoint security (EDR/XDR)
• Drive patch management for Windows and Linux systems with defined SLAs
• Implement secure configuration baselines across environments
2. Cloud Security
• Assess and secure environments across AWS, Azure, and GCP
• Deploy and manage CSPM tools to continuously monitor misconfigurations
• Ensure secure IAM practices, including least privilege and MFA enforcement
• Identify and secure publicly exposed assets
3. Identity, Access & Privileged Account Management
• Implement and enforce password policies and MFA
• Support rollout of Privileged Access Management (PAM)
• Review and remediate excessive or risky access permissions
4. Vulnerability Management, Monitoring & Incident Response
• Run continuous patching and vulnerability scanning to maintain compliance and security baselines.
• Establish logging and monitoring for all critical systems
• Integrate systems with SIEM or centralized monitoring platforms
• Support incident detection, investigation, and response
• Develop and maintain incident response playbooks
5. Automation & Efficiency
• Develop automation scripts (PowerShell, Bash, Python) for:o Patch management
o System hardening
o User and access management
• Improve operational efficiency through automation
6. Governance & Documentation
• Document security configurations, processes, and standards
• Support compliance initiatives (SOC2, ISO 27001, NIST)
• Provide regular status reports on risk reduction and control implementation
Required Skills & Experience
• Strong experience in Cloud Security (AWS, Azure, GCP)
• Hands-on expertise in CSPM tools (AWS Security Hub / GuardDuty, Microsoft Defender for Cloud, Prisma Cloud, or Wiz)
• Experience with EDR/XDR solutions (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
• Vulnerability management tools — Tenable, Qualys, or Rapid7
• Solid knowledge of patch management (Windows & Linux)
• Experience with IAM (Active Directory, Azure AD/Entra ID, Okta), MFA, and PAM solutions (e.g., CyberArk, BeyondTrust, Delinea)
• Familiarity with SIEM and security monitoring (Splunk, Microsoft Sentinel)
• Strong scripting skills (PowerShell, Bash, Python)
• Experience with virtualization and hypervisors (VMware, Hyper-V, etc.)
• Understanding of security frameworks (NIST, CIS, ISO 27001)
Preferred Qualifications
• CEH, CompTIA Security+, or equivalent foundational certification.
• Cloud security certifications (AWS Security Specialty, AZ-500, GCP Security Engineer).
• Experience handling or responding to security incidents
• Exposure to compliance frameworks (SOC2, ISO 27001)