Infrastructure Security

Job Description : Infrastructure Security Expert (Immediate Joiners Only)

Role Overview

The Infrastructure Security Expert will represent the client and conduct IT infrastructure security inspections and assessments across overseas supply chain vendor locations. The role involves identifying security risks, recommending remediation measures, and ensuring vendor IT environments comply with the client's infrastructure security standards.

Key Responsibilities

1. Infrastructure Security Audits

• Conduct infrastructure security assessments at overseas supply chain vendor sites.

• Review network architecture, servers, endpoints, firewalls, and access controls.

• Ensure vendor IT infrastructure complies with client security standards and policies.

• Perform vulnerability assessments and security compliance checks.

2. Vendor Security Compliance

• Evaluate vendor IT environments against security frameworks and client policies.

• Identify gaps in infrastructure security, network security, and system hardening.

• Prepare audit reports and risk assessments.

• Track remediation and closure of security gaps.

3. Risk Identification & Remediation

• Identify infrastructure security risks and vulnerabilities.

• Recommend corrective actions and security improvements.

• Work with vendor IT teams to implement remediation plans.

• Ensure timely resolution of identified issues.

4. Reporting & Documentation

• Prepare infrastructure security audit reports.

• Maintain vendor security assessment documentation.

• Provide risk ratings and remediation timelines.

• Report findings to client security and supply chain teams.

5. Security Standards & Best Practices

• Ensure compliance with standards such as:

• ISO 27001

• NIST

• CIS Benchmarks

• SOC 2

• Recommend infrastructure hardening and security improvements.

Required Skills & Experience

Technical Skills

• Network Security (Firewalls, VPN, IDS/IPS)

• Server Security (Windows/Linux hardening)

• Cloud Infrastructure Security (AWS / Azure / GCP)

• Vulnerability Assessment Tools

• Endpoint Security

• Active Directory Security

• Patch Management

• SIEM / Log Monitoring

• Infrastructure Risk Assessment

Security Tools Knowledge (preferred)

• Nessus

• Qualys

• Rapid7

• Splunk

• CrowdStrike

• Microsoft Defender

• Palo Alto / Fortinet Firewalls

Experience Required

• 7-10 years in Infrastructure Security / IT Security / Security Audits

• Experience conducting security audits or compliance assessments

• Experience working with vendors / third parties / supply chain security

• Experience with ISO 27001 / NIST / CIS controls preferred

• Willingness to travel internationally to vendor locations

Education & Certifications (Preferred)

• Bachelor's degree in IT / Cyber Security / Computer Science

• Certifications such as:

• CISSP

• CISM

• CEH

• CompTIA Security+

• ISO 27001 Lead Auditor

• CCNA / CCNP Security