Infrastructure Security

Job Description : Infrastructure Security Expert (Immediate Joiners Only)

Role Overview

The Infrastructure Security Expert will represent the client and conduct IT infrastructure security inspections and assessments across overseas supply chain vendor locations. The role involves identifying security risks, recommending remediation measures, and ensuring vendor IT environments comply with the clients infrastructure security standards.

Key Responsibilities

1. Infrastructure Security Audits

Conduct infrastructure security assessments at overseas supply chain vendor sites.

Review network architecture, servers, endpoints, firewalls, and access controls.

Ensure vendor IT infrastructure complies with client security standards and policies.

Perform vulnerability assessments and security compliance checks.

2. Vendor Security Compliance

Evaluate vendor IT environments against security frameworks and client policies.

Identify gaps in infrastructure security, network security, and system hardening.

Prepare audit reports and risk assessments.

Track remediation and closure of security gaps.

3. Risk Identification & Remediation

Identify infrastructure security risks and vulnerabilities.

Recommend corrective actions and security improvements.

Work with vendor IT teams to implement remediation plans.

Ensure timely resolution of identified issues.

4. Reporting & Documentation

Prepare infrastructure security audit reports.

Maintain vendor security assessment documentation.

Provide risk ratings and remediation timelines.

Report findings to client security and supply chain teams.

5. Security Standards & Best Practices

Ensure compliance with standards such as:

ISO 27001

NIST

CIS Benchmarks

SOC 2

Recommend infrastructure hardening and security improvements.

Required Skills & Experience

Technical Skills

Network Security (Firewalls, VPN, IDS/IPS)

Server Security (Windows/Linux hardening)

Cloud Infrastructure Security (AWS / Azure / GCP)

Vulnerability Assessment Tools

Endpoint Security

Active Directory Security

Patch Management

SIEM / Log Monitoring

Infrastructure Risk Assessment

Security Tools Knowledge (preferred)

Nessus

Qualys

Rapid7

Splunk

CrowdStrike

Microsoft Defender

Palo Alto / Fortinet Firewalls

Experience Required

7-10 years in Infrastructure Security / IT Security / Security Audits

Experience conducting security audits or compliance assessments

Experience working with vendors / third parties / supply chain security

Experience with ISO 27001 / NIST / CIS controls preferred

Willingness to travel internationally to vendor locations

Education & Certifications (Preferred)

Bachelors degree in IT / Cyber Security / Computer Science

Certifications such as:

CISSP

CISM

CEH

CompTIA Security+

ISO 27001 Lead Auditor

CCNA / CCNP Security