- Monitor, analyze, and respond to security events.
- Implement and manage SIEM, IDS/IPS, endpoint protection, and logging infrastructure.
- Conduct vulnerability assessments and coordinate remediation.
- Oversee secure configuration baselines.
- Implement and enforce Data Loss Prevention (DLP) policies.
- Perform detailed data flow mapping.
- Secure cloud environments (AWS preferred).
- Manage cloud access policies, network segmentation, secrets management, and continuous monitoring.
- Support compliance frameworks (GDPR, SOC 2, ISO 27001).
- Develop and maintain internal security policies and procedures.
- Serve as the Access & Control Monitoring expert.
- Perform regular access reviews and privilege audits.
- Deliver security awareness training and simulations.
- Lead incident response processes.
- Maintain and improve the incident response playbook.
- Collaborate with engineering teams on secure-by-design practices (bonus).
- Conduct application security reviews, threat modeling, and code analysis (bonus).
- Contribute to architecture decisions for new features and infrastructure (bonus).