Job Description

Title: Sr. Security Consultant – Advisory

Duration: 6-12 Months

Location: Remote 100%

Primary Offerings:

• Wiz Cloud:   This is their core offering, focused on providing agentless visibility and risk prioritization to proactively reduce the attack surface in cloud environments. It includes features like:
  
• Agentless Visibility:   Connects to cloud environments via APIs to provide full-stack visibility across VMs, containers, serverless functions, and data stores without deploying agents.
  
• Security Graph:   Analyses the relationships between cloud resources to identify toxic combinations and attack paths.
  
• Risk Prioritization:   Focuses on the most critical risks based on potential impact and likelihood of exploitation.
  
• Compliance Monitoring:   Helps organizations meet compliance requirements like PCI DSS, HIPAA, and SOC 2.
  
• Wiz Code:   This offering focuses on securing cloud development by providing unified visibility and security across code, CI/CD pipelines, and cloud environments. It helps to:
  
• Shift Left:   Identify and address security issues earlier in the development lifecycle.
  
• Correlate Code to Cloud:   Connect code vulnerabilities to cloud resources and configurations to understand the potential impact.
  
• Harden Cloud Infrastructure:   Provide recommendations for hardening cloud configurations based on code analysis.
  
• Wiz Defend:   This is their cloud threat detection and response offering, providing runtime protection and threat detection capabilities. It helps to:
  
• Detect and Respond to Threats:   Identify and respond to active threats in real-time.
  
• Protect Runtime Environments:   Secure cloud workloads during runtime.
  

Key Skills for Resources:

• Cloud Computing Expertise:   Deep understanding of cloud platforms like AWS, Azure, and GCP, including their services, architecture, and security best practices.
  
• Cloud Security Knowledge:   Strong understanding of cloud security concepts, threats, and vulnerabilities, including identity and access management (IAM), network security, data protection, and compliance frameworks.
  
• DevSecOps Understanding:   Familiarity with DevOps principles and practices, and how to integrate security into the development lifecycle.
  
• Scripting and Automation:   Proficiency in scripting languages like Python or PowerShell for automating tasks and integrating with cloud APIs.
  
• Security Tools and Technologies:   Experience with other security tools and technologies, such as vulnerability scanners, intrusion detection systems, and security information and event management (SIEM) 1  systems.
  
• Data Analysis and Visualization:   Ability to analyse security data, identify trends, and present findings in a clear and concise manner.
  

Job Tags

Similar Jobs