Infrastructure Security Consultant

We are seeking a highly skilled Infrastructure Security Consultant to design, implement, and assess security controls across enterprise IT infrastructure. The ideal candidate will have deep expertise in securing cloud and on-prem environments, identifying vulnerabilities, and ensuring compliance with industry standards and best practices.

Key Responsibilities

• Assess and strengthen security posture across infrastructure, including servers, networks, endpoints, and cloud environments
• Conduct vulnerability assessments, risk analyses, and security audits
• Design and implement security architectures, controls, and frameworks
• Monitor and respond to infrastructure security incidents and threats
• Collaborate with engineering and DevOps teams to embed security into system design and deployment pipelines
• Implement identity and access management (IAM), network segmentation, and zero trust principles
• Ensure compliance with regulatory requirements (e.g., HIPAA, SOC 2, NIST, ISO 27001)
• Perform security hardening of operating systems, databases, and network devices
• Develop and maintain security policies, procedures, and documentation
• Provide guidance on secure cloud configurations (AWS, Azure, Google Cloud Platform)
• Support penetration testing efforts and remediation planning

Required Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
• 5+ years of experience in infrastructure security, cybersecurity, or related roles
• Strong knowledge of network security (firewalls, VPNs, IDS/IPS, WAF)
• Experience with cloud security (AWS, Azure, or Google Cloud Platform)
• Familiarity with operating systems security (Linux, Windows)
• Hands-on experience with vulnerability management tools (e.g., Nessus, Qualys)
• Understanding of security frameworks (NIST, CIS, ISO 27001)
• Experience with SIEM tools and incident response processes

Preferred Qualifications

• Relevant certifications such as:
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CEH (Certified Ethical Hacker)
  • AWS/Azure Security certifications
• Experience with Infrastructure as Code (Terraform, CloudFormation)
• Knowledge of container security (Docker, Kubernetes)
• Experience in regulated industries such as healthcare or finance