IT Engineer

Job Summary:

We are seeking a SOC Engineer with hands-on experience in Identity Protection (IDP), Endpoint Security, Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Email Security, and Zscaler solutions (ZIA & ZPA).

The ideal candidate should also have expertise in Jamf for macOS security, Prisma Cloud, Cortex XDR, and Project management using JIRA Atlassian. This role involves securing enterprise infrastructure, identifying and mitigating threats, and improving security monitoring and response capabilities. You will collaborate with cross-functional teams to implement security controls and enhance the organization's cybersecurity posture.

Key Responsibilities:

IT Operations & IAM Access Management:

• Manage Identity and Access Management (IAM) processes for user provisioning, deprovisioning, and access reviews.

• Ensure compliance with IAM policies and enforce least privilege access principles.

• Automate IAM processes using Python, Bash, or PowerShell.

Security Operations & Incident Handling:

• Monitor, detect, and respond to security incidents using SIEM, EDR/XDR, and SOAR solutions.

• Perform threat analysis, forensic investigations, and vulnerability assessments.

• Develop Enterprise IT Security automation workflows to enhance incident response.

• Collaborate internally with IT, Security and DevOps teams to remediate vulnerabilities and implement security patches.

Identity Protection (IDP) & Endpoint Security:

• Manage and optimize IDP tools like Okta & Onelogin to protect corporate access.

• Administer Jamf for macOS endpoint security and compliance enforcement.

• Configure and monitor Cortex XDR for advanced endpoint threat detection and response.

Cloud Security & Data Protection:

• Implement and manage Prisma Cloud for securing cloud workloads and applications.

• Deploy and enforce DLP policies to prevent unauthorized data exfiltration.

• Configure and monitor CASB solutions to ensure secure cloud application usage.

Zscaler (ZIA & ZPA) Administration:

• Administer Zscaler Internet Access (ZIA) for secure internet browsing and threat protection.

• Manage Zscaler Private Access (ZPA) to ensure secure zero-trust access to internal applications.

• Optimize policies, logging, and user access management.

Email Security:

• Configure and optimize email security solutions to prevent phishing, malware, and BEC attacks.

• Investigate and respond to email-based threats.

Project Management (JIRA Atlassian):

• Manage and track IT-security projects using JIRA Atlassian.

• Collaborate with IT, security, and development teams to ensure timely execution of security initiatives.

• Document security incidents, changes, and remediation efforts within JIRA.

Security Best Practices & Compliance:

• Ensure security configurations align with industry standards (NIST, CIS, ISO 27001).

• Perform risk assessments and recommend security improvements.

• Provide security guidance for IT infrastructure, cloud environments, and application development.

Required Skills & Qualifications:

• 5+ years of experience in a Enterprise IT-Security, SOC or cybersecurity role.

• Hands-on experience with:

o Jamf for macOS security management.

o Prisma Cloud for cloud security posture management.

o Cortex XDR for endpoint threat detection and response.

o Zscaler (ZIA & ZPA) for internet and private access security.

o IDP tools, Endpoint Security, DLP, CASB, and Email Security solutions.

• Strong knowledge of SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel).

• Experience with JIRA Atlassian for security project tracking and management.

• Understanding of zero-trust security models and threat intelligence.

• Familiarity with firewalls, proxies, VPNs, and EDR/XDR solutions.

• Certifications such as CISSP, CISM, Zscaler ZCCA/ZCCP, Jamf 300/400, Prisma Cloud Certified (preferred).

Preferred Qualifications:

• Experience with automation & scripting (Python, PowerShell, Bash).

• Knowledge of MITRE ATT&CK framework and adversary tactics.

• Cloud security experience (AWS, Azure, GCP).