Sr. Security Consultant – Advisory - REMOTE

Job Description

Title : Sr. Security Consultant – Advisory

Duration : 6-12 Months

Location : Remote 100%

Primary Offerings :

• Wiz Cloud :   This is their core offering, focused on providing agentless visibility and risk prioritization to proactively reduce the attack surface in cloud environments. It includes features like :
• Agentless Visibility :   Connects to cloud environments via APIs to provide full-stack visibility across VMs, containers, serverless functions, and data stores without deploying agents.
• Security Graph :   Analyses the relationships between cloud resources to identify toxic combinations and attack paths.
• Risk Prioritization :   Focuses on the most critical risks based on potential impact and likelihood of exploitation.
• Compliance Monitoring :   Helps organizations meet compliance requirements like PCI DSS, HIPAA, and SOC 2.
• Wiz Code :   This offering focuses on securing cloud development by providing unified visibility and security across code, CI / CD pipelines, and cloud environments. It helps to :
• Shift Left :   Identify and address security issues earlier in the development lifecycle.
• Correlate Code to Cloud :   Connect code vulnerabilities to cloud resources and configurations to understand the potential impact.
• Harden Cloud Infrastructure :   Provide recommendations for hardening cloud configurations based on code analysis.
• Wiz Defend :   This is their cloud threat detection and response offering, providing runtime protection and threat detection capabilities. It helps to :
• Detect and Respond to Threats :   Identify and respond to active threats in real-time.
• Protect Runtime Environments :   Secure cloud workloads during runtime.

Key Skills for Resources :

Requirements

Primary Offerings : Wiz Cloud : This is their core offering, focused on providing agentless visibility and risk prioritization to proactively reduce the attack surface in cloud environments. It includes features like : Agentless Visibility : Connects to cloud environments via APIs to provide full-stack visibility across VMs, containers, serverless functions, and data stores without deploying agents. Security Graph : Analyses the relationships between cloud resources to identify toxic combinations and attack paths. Risk Prioritization : Focuses on the most critical risks based on potential impact and likelihood of exploitation. Compliance Monitoring : Helps organizations meet compliance requirements like PCI DSS, HIPAA, and SOC 2. Wiz Code : This offering focuses on securing cloud development by providing unified visibility and security across code, CI / CD pipelines, and cloud environments. It helps to : Shift Left : Identify and address security issues earlier in the development lifecycle. Correlate Code to Cloud : Connect code vulnerabilities to cloud resources and configurations to understand the potential impact. Harden Cloud Infrastructure : Provide recommendations for hardening cloud configurations based on code analysis. Wiz Defend : This is their cloud threat detection and response offering, providing runtime protection and threat detection capabilities. It helps to : Detect and Respond to Threats : Identify and respond to active threats in real-time. Protect Runtime Environments : Secure cloud workloads during runtime. Key Skills for Resources : Cloud Computing Expertise : Deep understanding of cloud platforms like AWS, Azure, and GCP, including their services, architecture, and security best practices. Cloud Security Knowledge : Strong understanding of cloud security concepts, threats, and vulnerabilities, including identity and access management (IAM), network security, data protection, and compliance frameworks. DevSecOps Understanding : Familiarity with DevOps principles and practices, and how to integrate security into the development lifecycle. Scripting and Automation : Proficiency in scripting languages like Python or PowerShell for automating tasks and integrating with cloud APIs. Security Tools and Technologies : Experience with other security tools and technologies, such as vulnerability scanners, intrusion detection systems, and security information and event management (SIEM) 1 systems. Data Analysis and Visualization : Ability to analyse security data, identify trends, and present findings in a clear and concise manner.