Key Responsibilities:
Vulnerability Management & Remediation
- Identify, analyze, and remediate vulnerabilities across on-prem and Azure environments.
- Use Wiz to triage vulnerabilities, perform root cause analysis, and implement remediation actions.
- Ensure timely closure of security findings with complete validation and documentation.
Operating System Security (Linux & Windows)
- Perform OS hardening, patch management, and configuration fixes for Linux and Windows systems.
- Resolve system-level security vulnerabilities and enforce security baselines.
- Manage package-level security updates and configuration compliance.
Kubernetes & Container Security
- Remediate vulnerabilities in Azure Kubernetes Service (AKS) clusters, including nodes and workloads.
- Secure container images through vulnerability scanning and base image hardening.
- Manage container registry security and runtime protection controls.
Azure Cloud Security
- Work with Azure security services across identity, networking, storage, and platform layers.
- Fix misconfigurations in Azure infrastructure and security posture controls.
- Ensure adherence to cloud security baselines and compliance requirements.
Security Automation & Infrastructure as Code
- Use Terraform and Ansible to automate security fixes and configuration management.
- Support automation for patching, OS hardening, and configuration drift detection.
- Improve repeatability and efficiency of security remediation processes.
Identity & Access Management
- Implement IAM, RBAC, and privileged access management controls.
- Conduct access reviews and enforce least-privilege security models.
- Support identity governance across cloud environments.
Monitoring, Audit & Compliance
- Participate in security audits, vulnerability assessments, and compliance reviews.
- Maintain remediation documentation, runbooks, and operational guides.
- Support continuous improvement of cloud security posture.
Collaboration & Support
- Work closely with DevOps, platform, and application teams to remediate vulnerabilities.
- Provide hands-on guidance for OS, cloud, and container security issues.
- Clearly communicate remediation actions, risks, and trade-offs.