Sonata Software North America Inc.

Information Security Consultant

Sonata Software North America Inc.
5+ years
Charlotte, NC
Contract
Remote
1 month ago

About the role

ABOUT SONATA SOFTWARE
Sonata Software, with over $1.2 Billion Revenue, is a leading AI-first Modernization Engineering company, powered by our unique PlatformationTM framework. Our 6400+ AI Engineers are helping enterprises transform from systems to intelligent business platforms leveraging partner ecosystem to drive speed, efficiency and growth. Our bouquet of Modernization Engineering Services with AI -first approach cuts across Cloud, Data, AI, Dynamics, Test Automation, and Managed Services.
Sonata’s AI-led modernization is enabled by a powerful suite of proprietary tools and assets. At the core is the Harmoni.AI Enterprise Platform, which includes Agent Bridge-a governance and observability framework; Agent Builder-a development toolkit for fungible agents integrated into enterprise systems; and the Agent Marketplace-an internal ecosystem for modular, reusable agents.
Headquartered in Bengaluru, India, Sonata Software has a strong global presence, including key regions US, UK, India, Malaysia, Mexico, Australia, DACH (Germany/Switzerland) & Nordics (Finland). We are a trusted partner of Fortune 500 companies in Banking, Financial Services and Insurance; Healthcare and Lifesciences; Telecom, Media, and Technology; and Retail, Manufacturing and Distribution space.
Job Title: Information Security Specialist - Cloud & Infrastructure Security.
Exp :4-7Years of Exp only. More than 7 Years consultants will be rejected.
Location :Remote(Consultant Needs to work in EST Time Zone)
Key Responsibilities
1. Security Remediation & Hardening
  • Identify and remediate vulnerabilities across cloud and on-prem systems
  • Ensure 100% deployment and effectiveness of endpoint security (EDR/XDR)
  • Drive patch management for Windows and Linux systems with defined SLAs
  • Implement secure configuration baselines across environments

2. Cloud Security
  • Assess and secure environments across AWS, Azure, and GCP
  • Deploy and manage CSPM tools to continuously monitor misconfigurations
  • Ensure secure IAM practices, including least privilege and MFA enforcement
  • Identify and secure publicly exposed assets

3. Identity, Access & Privileged Account Management
  • Implement and enforce password policies and MFA
  • Support rollout of Privileged Access Management (PAM)
  • Review and remediate excessive or risky access permissions

4. Vulnerability Management, Monitoring & Incident Response
  • Run continuous patching and vulnerability scanning to maintain compliance and security baselines.
  • Establish logging and monitoring for all critical systems
  • Integrate systems with SIEM or centralized monitoring platforms
  • Support incident detection, investigation, and response
  • Develop and maintain incident response playbooks

5. Automation & Efficiency
  • Develop automation scripts (PowerShell, Bash, Python) for:
  • Patch management
  • System hardening
  • User and access management
  • Improve operational efficiency through automation

6. Governance & Documentation
  • Document security configurations, processes, and standards
  • Support compliance initiatives (SOC2, ISO 27001, NIST)
  • Provide regular status reports on risk reduction and control implementation

Required Skills & Experience
  • Strong experience in Cloud Security (AWS, Azure, GCP)
  • Hands-on expertise in CSPM tools (AWS Security Hub / GuardDuty, Microsoft Defender for Cloud, Prisma Cloud, or Wiz)
  • Experience with EDR/XDR solutions (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
  • Vulnerability management tools — Tenable, Qualys, or Rapid7
  • Solid knowledge of patch management (Windows & Linux)
  • Experience with IAM (Active Directory, Azure AD/Entra ID, Okta), MFA, and PAM solutions (e.g., CyberArk, BeyondTrust, Delinea)
  • Familiarity with SIEM and security monitoring (Splunk, Microsoft Sentinel)
  • Strong scripting skills (PowerShell, Bash, Python)
  • Experience with virtualization and hypervisors (VMware, Hyper-V, etc.)
  • Understanding of security frameworks (NIST, CIS, ISO 27001)

Preferred Qualifications
  • CEH, CompTIA Security+, or equivalent foundational certification.
  • Cloud security certifications (AWS Security Specialty, AZ-500, GCP Security Engineer).
  • Experience handling or responding to security incidents
  • Exposure to compliance frameworks (SOC2, ISO 27001)

Skills

Information TechnologyIT Services and IT Consulting
See more jobs in Charlotte, NC