Security Managed Services Practitioner

Project Role : Security Managed Services Practitioner
Project Role Description : Deliver and manage security services across client environments to ensure protection, compliance, and operational resilience.
Must have skills : Managed Cloud Security Services
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary:
We are seeking a skilled security professional with hands-on experience in Tripwire File Integrity Monitoring (FIM) and Security Configuration Management (SCM). The role involves implementing, managing, and optimizing file integrity monitoring and configuration compliance solutions to ensure system security, regulatory compliance, and operational integrity. Roles and Responsibilities


Roles & Responsibilities:
- Implement, configure, and manage Tripwire FIM solutions across enterprise environments
- Monitor and analyze file integrity changes, investigate unauthorized modifications, and respond to alerts
- Deploy and maintain Security Configuration Management (SCM) policies aligned with industry standards (CIS, NIST, ISO 27001)
- Perform system hardening and configuration compliance assessments
- Develop and maintain baseline configurations for servers, databases, and network devices
- Integrate Tripwire with SIEM tools for real-time alerting and correlation
- Generate compliance and audit reports for internal and external stakeholders
- Collaborate with IT, DevOps, and Security teams to remediate vulnerabilities and misconfigurations
- Support audits and ensure adherence to regulatory requirements (PCI-DSS, SOX, HIPAA, etc.)
- Automate monitoring and reporting processes where applicable
- Cloud Identity & Network Security: RBAC policy management, cloud role entitlement governance, and enforcement of network security baselines across multi-cloud environments.
- Incident & Alert Management: Prioritization, triage, and escalation of cloud workload incidents end-to-end operations support and remediation guidance for DevOps teams.


Professional & Technical Skills:
- Hands-on experience with Tripwire Enterprise (FIM & SCM modules)
- Strong understanding of file integrity monitoring concepts and change detection mechanisms
- Experience with OS hardening (Windows/Linux/Unix)
- Knowledge of security frameworks such as CIS Benchmarks, NIST, ISO 27001
- Familiarity with SIEM tools (e.g., Splunk, QRadar, ArcSight)
- Basic scripting knowledge (PowerShell, Bash, Python)
- Understanding of network security and system administration
- Strong analytical and troubleshooting skills
- Tools & Platforms: Divy Cloud, Tripwire, Azure, AWS, Ali Cloud.
- CSPM (Cloud Security Posture Management): Continuous assessment of cloud assets for misconfigurations and non-standard deployments using Divvy Cloud policy enforcement across Azure, AWS, and Ali Cloud.
- Cloud Compliance & Reporting: Monitoring and analysis of cloud compliance alerts generation of executive and operational reports on vulnerabilities and policy violations.


Additional Information:
- 10+ years in cybersecurity operations, including 8+ years leading a security-related project
- Ability to work across teams and manage deliverables in matrix environments
- A strategic yet practical approach to solving security and governance challenges
- Ability to stay current on emerging threats, technologies, and best practices
- Bachelor s degree in computer science, Information Security, or related field.
- Industry certifications are strongly preferred: CCSP / CISM or other relevant cloud and security certifications.
- Vendor certifications such as, AWS/Azure Security Specialty, Tripwire vulnerability management or training such as InsightCloudSec documentation and labs etc