Security Operations Lead

Dear Consultants,

Please find the requirement below & help me with suitable profiles ASAP.

Job Description

Job Title: Onsite Security Engineer

Job Title: Security Operations Lead

Location: Dearborn, MI

Duration: 11 months

Sourcing: Hybrid 3 days a week (Tuesday, Wednesday and Thursday)

Job Summary:

Application Security Operations:

Oversee the operational use and effectiveness of application security tools, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA).

Collaborate with development and DevOps teams to integrate security testing into the CI/CD pipeline and ensure vulnerabilities identified by these tools are triaged and remediated effectively.

Provide guidance on interpreting scan results and prioritizing remediation efforts for application-level vulnerabilities.

Handling container security, ensuring base images are updated

Cloud Security :

In-depth knowledge and hands-on experience with Microsoft Azure security services, specifically Microsoft Defender for Cloud, Entra ID and Azure Sentinel (SIEM/SOAR)

Proficiency in assessing and hardening Azure environments, including IaaS, PaaS, and network security configurations.

Defining and enforcing policies for Terraform, ARM templates, or Bicep.

Infrastructure Vulnerability Management:

Proactively manage and conduct regular vulnerability assessments and remediation efforts for our infrastructure using Microsoft Defender for Cloud

Ensure continuous security posture management for cloud and hybrid environments, identifying misconfigurations and security weaknesses.

Work with relevant teams to prioritize and implement recommended security controls and patches identified through Defender for Cloud.

Essential Job Functions:

Support

Vulnerability Assessment

Threat Intelligence

Application Security

Secure Cloud Configuration

Identity and Access Management

Other Responsibilities:

Work with Security team on other technical security related issues.

Maintain security tools and software

Consult with developers on application security

Manage security ticketing system

Minimum Qualifications and Job Requirements:

5 - 8 years Application and/or Infrastructure security experience ISO experience or certification

Certifications (one or more highly preferred):

CISSP (Certified Information Systems Security Professional)

CISM (Certified Information Security Manager)

*AZ-500 (Microsoft Certified: Azure Security Engineer Associate)*

CySA+ (CompTIA Cybersecurity Analyst+)

CEH (Certified Ethical Hacker)