Principal Information Security Analyst
Date: Nov 28, 2024
Location: Bengaluru, KA, IN
Company: Skyworks
If you are looking for a challenging and exciting career in the world of technology, then look no further. Skyworks is an innovator of high performance analog semiconductors whose solutions are powering the wireless networking revolution. At Skyworks, you will find a fast-paced environment with a strong focus on global collaboration, minimal layers of management and the freedom to make meaningful contributions in a setting that encourages creativity and out-of-the-box thinking. Our work culture values diversity, social responsibility, open communication, mutual trust and respect. We are excited about the opportunity to work with you and glad you want to be part of a team of talented individuals who together can change the way the world communicates.
Requisition ID: 74414
Job Description
- Evaluating and Recommending Solutions:
- Assess and recommend solutions for Cloud Native Application Protection Platforms (CNAPP), focusing on runtime protection, vulnerability scanning, and threat detection.
- Evaluate solutions for Cloud Security Posture Management (CSPM) to maintain a secure posture by monitoring cloud resources, identifying misconfigurations, and enforcing security policies.
- Manage permissions and access rights across cloud services using Cloud Infrastructure
- Entitlement Management (CIEM) tools.
- Secure workloads within the cloud environment through Cloud Workload Protection (CWP) tools.
- Adherence to Standards and Guidelines:
- Ensure selected solutions align with cloud security requirements, standards, and guidelines, including those from the National Institute of Standards and Technology (NIST) and industry best practices.
- Maintain a consistent and secure cloud environment by following established standards.
- Azure Policy Framework Evaluation:
- Evaluate Azure Policy Framework policies against client requirements and recommend custom policies if existing ones do not meet needs.
- Define and enforce rules for resource configurations within Azure.
- Governance Structure for Policy as Code (PaC):
- Implement a governance structure for managing policies as code (PaC), using ARM templates or Azure Policy definitions.
- Automate policy enforcement, track changes, and maintain security compliance through PaC.
Job Requirements
- 5 years of experience in Cloud Security, with a focus on Microsoft Azure and Microsoft 365.
- Proven experience maintaining cloud security management solutions, including designing and configuring automation, notifications, and reporting capabilities.
- Experience working with multidisciplinary teams to migrate security components to cloud services, including cloud security platforms and APIs.
- Experience troubleshooting cloud security events and issues, and collaborating with cloud service providers to resolve issues or implement working solutions.
- Experience in technical planning, systems integration, verification, and validation, with the ability to evaluate alternatives and make informed decisions.
- Experience analyzing emerging technologies and tools for applicability to customers, and preparing reports and recommendations on new and changes to processes and products.
- Strong knowledge of cloud security best practices, including identity and access management, data encryption, and threat protection.
- Experience with Microsoft Azure and Microsoft 365 security features, including Azure Active Directory, Azure Sentinel, and Microsoft 365 Defender.
- Strong understanding of cloud security governance and compliance, including risk management and incident response.
- Preferred Technical and Professional Expertise:
- Microsoft Azure certification.
- AWS, CSPM, and CWPP certification
Skyworks is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.
Job Segment:
Information Security, Network, Telecom, Telecommunications, Technology