IT Security Analyst

Job description

Description

About TechBiz Global

TechBiz Global is a leading recruitment and software development company. Our diverse, globally distributed team provides IT recruitment, outstaffing, outsourcing, software development, and different consulting services with a primary focus on making our partners achieve their business goals successfully.

With headquarters in Germany we have successful clients all over the world. We can understand your unique needs. Our team has hands-on experience with the challenges that come with rapid growth and the IT sector. That’s why all of our offerings are built with a tech mindset.

Responsibilities:

• Identity and Access Management:

  • Manage and maintain Active Directory (AD) permissions, ensuring appropriate Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) policies.

  • Review and implement single sign-on (SSO) solutions to streamline useraccess while maintaining security.

• Hardware and Infrastructure Security:

  • Ensure proper patching and vulnerability management for all infrastructure components.

  • Monitor and respond to CrowdStrike alerts, implementing necessary mitigations.

  • Develop and enforce Bring Your Own Device (BYOD) policies to secure endpoints accessing the network.

• Cloud and Infrastructure Security:

  • Secure infrastructure components by implementing and managing firewalls and other security policies.

  • Ensure that no public IPs are exposed unnecessarily and that communication between applications is secure and efficient.

  • Verify that critical data, especially customer data, is not exposed outside the organization.

  • Ensure that authentication and authorization mechanisms are correctly implemented, particularly for external applications connecting to ERP systems.

• Monitoring and Incident Response:

  • Collect and analyze logs from applications and devices to monitor for unusual activities.

  • Audit user and application activities, ensuring compliance with security policies.

  • Trigger and manage alerts for critical security incidents, and ensure that Intrusion Prevention System (IPS) capabilities are active and effective in the cloud environment.

  • Research the market cyber security trends and prepare training appropriately.

• Documentation:

  • Develop and maintain comprehensive documentation, including guidelines, policies, and flow diagrams for security procedures and incident response plans.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field

• 3+ years of experience in information security, with a focus on identity and access management, network security, and cloud security

• Strong understanding of security principles, including threat modeling, risk assessment, and vulnerability management

• Proficiency in Active Directory, Azure AD, and other identity and access management tools

• Experience with security tools such as firewalls, intrusion detection systems, and SIEM solutions

• Knowledge of cloud security best practices, particularly in AWS or Azure

• Strong analytical and problem-solving skills

• Excellent written and verbal communication skills

• Industry certification like below mentioned is an added advantage:

  • Security+

  • CCSP

  • Google Cloud Security Certifications (e.g., Cloud Security Engineer, Certified Cloud Security Professional)

  • Azure Security Certifications (e.g., Azure Security Engineer Associate, Azure Security Expert)

  • Microsoft 365 Certifications (e.g., Microsoft 365 Certified: Security Administrator)