Softpath Technologies - IT Security Administrator - Palo Alto Firewall (5-7 yrs)
SOFTPATH TECHNOLOGIES
posted 16d ago
Flexible timing
Role : Security Expert - IT Security Administrator
Location : Delhi
Experience : 5+ Years
Level : L2 (Intermediate/Senior)
Notice Period : Immediate Joiners or 2 Weeks' Notice
Key Qualifications :
Education : B.E. / B.Tech. / M.C.A. or higher degree in a relevant field.
Certifications :
- Certified Security Professional with at least one of the following certifications:
- ECSA (EC-Council Certified Security Analyst)
- CEH (Certified Ethical Hacker)
- CISA (Certified Information Systems Auditor)
- CISSP (Certified Information Systems Security Professional)
- OEM Security Certifications (e.g., Cisco, Palo Alto, Fortinet)
Experience :
- Minimum of 5 years of IT experience, including at least 3 years working as a Security Administrator in a large Data Center environment.
Core Responsibilities :
1. Security Administration and Management :
Security Infrastructure Management :
- Oversee the administration and management of security tools, systems, and protocols within the organization's infrastructure, with a focus on Data Centers.
- Ensure that network security measures such as firewalls, intrusion prevention systems (IPS), intrusion detection systems (IDS), and encryption are properly configured and maintained.
- Regularly monitor and manage security hardware and software to prevent and mitigate security threats.
Vulnerability and Patch Management :
- Regularly conduct vulnerability assessments and penetration tests to identify potential threats and risks in the infrastructure.
- Work closely with system and network teams to implement patches and updates for operating systems, network devices, and software applications to safeguard against known vulnerabilities.
- Ensure proper patching protocols are followed and vulnerabilities are remediated promptly.
Access Control and Identity Management :
- Manage user access to critical systems, ensuring that strong authentication and authorization protocols are implemented and maintained.
- Administer and enforce the organization's security policies for identity and access management (IAM), ensuring the principle of least privilege is always applied.
- Implement Multi-Factor Authentication (MFA) wherever applicable to strengthen security across systems.
2. Incident Detection and Response :
Threat Intelligence and Incident Management :
- Stay up-to-date with emerging security threats and trends to proactively prevent attacks and breaches.
- Configure and monitor Security Information and Event Management (SIEM) systems to detect potential security incidents in real-time.
- Respond to security incidents by investigating, analyzing, and mitigating any threats to the organization's infrastructure.
- Coordinate with internal teams to execute incident response plans in case of data breaches, system compromises, or other critical security events.
Forensics and Root Cause Analysis :
- Perform in-depth forensic analysis to determine the source, cause, and impact of security incidents.
- Provide detailed reports and documentation on incidents, including root cause analysis and mitigation strategies.
- Work with the internal team to close any security gaps and implement long-term fixes to prevent recurrence.
3. Network and Data Security :
Network Security :
- Implement, configure, and manage perimeter security measures including firewalls, VPNs, IDS/IPS, and advanced threat protection solutions to safeguard against cyber threats.
- Design and implement network segmentation strategies to limit lateral movement in the event of a breach.
- Manage and monitor network traffic and alert on suspicious activities using next-generation firewalls and other monitoring tools.
Data Protection :
- Ensure that appropriate encryption protocols are implemented to protect sensitive data at rest and in transit.
- Administer security measures around data storage, including access controls and secure backup protocols, to mitigate the risk of data loss or leakage.
- Regularly review data protection policies and procedures to ensure compliance with industry standards and regulations.
4. Compliance and Auditing :
Compliance Monitoring :
- Ensure that the organization adheres to industry standards and legal/regulatory requirements for information security, including ISO 27001, GDPR, PCI-DSS, HIPAA, and others.
- Conduct internal security audits to ensure compliance with internal policies, external standards, and industry best practices.
Audit Support and Reporting :
- Support external audits and assessments by preparing necessary documentation and providing evidence of compliance.
- Assist in the preparation of audit reports and remediation plans in response to findings.
- Maintain detailed records of security policies, procedures, incidents, and audit results.
5. Security Tool Implementation and Management :
Implementation of Security Solutions :
- Evaluate, implement, and manage security solutions such as endpoint protection, email security, data loss prevention (DLP), and vulnerability scanning tools.
- Oversee the configuration and integration of security tools within the organization's IT environment, ensuring compatibility and maximum efficacy.
- Regularly review the performance of existing security tools and recommend improvements or upgrades as necessary.
Security Automation and Orchestration :
- Collaborate with IT teams to automate security processes and improve operational efficiency.
- Implement orchestration tools to enable automatic response to security events, such as blocking suspicious IP addresses or quarantining infected systems.
6. Training and Awareness :
Security Awareness Programs :
- Lead the development and delivery of security awareness programs for internal teams, ensuring they are aware of the latest threats, best practices, and how to securely interact with IT resources.
- Foster a security-conscious culture within the organization by promoting awareness and understanding of security policies and procedures.
Internal Training and Mentorship :
- Mentor and train junior team members on security best practices and tools.
- Foster a collaborative environment where knowledge and expertise are shared across teams.
7. Continuous Improvement and Process Optimization :
Security Process Improvement :
- Continuously assess and improve security policies, procedures, and standards to enhance the organization's overall security posture.
- Collaborate with teams across the organization to identify and eliminate security inefficiencies or gaps.
- Stay current with the latest security trends, emerging threats, and best practices, and incorporate these insights into the organization's security strategy.
Desired Skills and Competencies :
Technical Skills :
- Strong experience with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM platforms, vulnerability scanners, endpoint security, and encryption solutions.
- Hands-on experience with securing large-scale Data Center environments and cloud infrastructure (e.g., AWS, Azure, GCP).
- Familiarity with network protocols, systems architecture, and data center security best practices.
- Expertise in Windows, Linux, and other OS security configurations and hardening practices.
- Proficiency in scripting languages (e.g., Python, PowerShell) to automate security tasks and processes.
Analytical and Problem-Solving Skills :
- Ability to analyze and assess security risks, providing detailed threat intelligence and mitigation strategies.
- Strong troubleshooting skills with the ability to think critically and solve complex security issues.
Soft Skills :
- Excellent communication and interpersonal skills to effectively interact with teams, clients, and stakeholders.
- Ability to work under pressure, handle high-stress situations, and make critical decisions during security incidents.
- Detail-oriented and organized, with the ability to maintain comprehensive security documentation.
Key Performance Indicators (KPIs) :
Incident Response Time :
- Minimize response time to security incidents, ensuring quick containment and mitigation of threats.
- Track and report incident resolution times to ensure compliance with SLAs.
Security Posture Improvement :
- Demonstrate continuous improvement in the security posture of the organization, including the reduction of vulnerabilities and threats over time.
Audit Compliance :
- Ensure consistent adherence to internal policies and external regulatory requirements, with a track record of passing security audits without major findings.
Training Effectiveness :
- Measure the success of security awareness programs by evaluating employee participation and the reduction of security incidents due to human error.
Working Environment :
- The role will require working in a fast-paced and dynamic environment with a strong focus on data center security, risk management, and compliance.
- Occasional travel may be required for audits, training, and vendor management.
Functional Areas: Software/Testing/Networking