Cerulean Information Technology - Information Security Consultant - Security Operations Center (7-15 yrs)

Key Responsibilities :

- Evaluate and review security risks for enterprise networks in a fast-paced environment.

- Design and implement secure network architectures, including firewalls, intrusion detection/prevention systems (IDS/IPS), Virtual Private Networks (VPNs), and other security-related network devices.

- Collaborate with cross-functional teams to ensure network security solutions align with company policies and security standards.

- Identify and remediate security vulnerabilities as per established frameworks such as OWASP, NIST, and SANS.

- Provide expert advice on risk mitigation, remediation, and best practices to ensure a secure network environment.

- Implement and maintain security solutions within an enterprise network, ensuring all systems are up-to-date and compliant with security regulations.

- Ensure compliance with relevant industry regulations such as ISO27001, SOC2, GDPR, CCPA, and other data protection standards.

- Perform network security assessments and architecture reviews, identifying weaknesses and proposing solutions to address them.

- Continuously monitor and assess the security posture of the organization's network and make necessary adjustments.

- Participate in Security Operations Centers (SOC) activities and Incident Command as necessary.

- Prepare documentation and reports regarding network security audits, assessments, and remediation plans.

Qualifications :

- Proven experience in network security review and architecture, particularly in enterprise environments.

- Experience with security solutions implementation, including firewalls, IDS/IPS, VPNs, and network-related security devices.

- Hands-on knowledge of network commands, routing, switching, and security technologies.

- Experience working with Security Operations Centers (SOC) or in an Incident Command role is a plus.

- Strong understanding of security vulnerabilities and mitigation measures outlined by organizations such as OWASP, NIST, and SANS.

- In-depth knowledge of security regulations and data protection standards such as ISO27001, SOC2, GDPR, and CCPA.

- Familiarity with various security policies and best practices in network architecture.

- Ability to design secure network infrastructures that meet the organization's security objectives.

- Strong analytical and problem-solving skills to assess and mitigate security risks in an enterprise network.

- Excellent communication and collaboration skills to interact with both technical and non-technical teams

- Relevant certifications such as CCIE , CISSP, CISM, or CCSP are desirable