Sonata Software
Website: sonata-software.com
Job details:
Job Title: Information Security Specialist - Cloud & Infrastructure Security.
Location: Pune
Experience: 4-8 Years
Key Responsibilities
1. Security Remediation & Hardening
- Identify and remediate vulnerabilities across cloud and on-prem systems
- Ensure 100% deployment and effectiveness of endpoint security (EDR/XDR)
- Drive patch management for Windows and Linux systems with defined SLAs
- Implement secure configuration baselines across environments
2. Cloud Security
- Assess and secure environments across AWS, Azure, and GCP
- Deploy and manage CSPM tools to continuously monitor misconfigurations
- Ensure secure IAM practices, including least privilege and MFA enforcement
- Identify and secure publicly exposed assets
3. Identity, Access & Privileged Account Management
- Implement and enforce password policies and MFA
- Support rollout of Privileged Access Management (PAM)
- Review and remediate excessive or risky access permissions
4. Vulnerability Management, Monitoring & Incident Response
- Run continuous patching and vulnerability scanning to maintain compliance and security baselines.
- Establish logging and monitoring for all critical systems
- Integrate systems with SIEM or centralized monitoring platforms
- Support incident detection, investigation, and response
- Develop and maintain incident response playbooks
5. Automation & Efficiency
- Develop automation scripts (PowerShell, Bash, Python) for:
  - Patch management
  - System hardening
  - User and access management
- Improve operational efficiency through automation
6. Governance & Documentation
- Document security configurations, processes, and standards
- Support compliance initiatives (SOC2, ISO 27001, NIST)
- Provide regular status reports on risk reduction and control implementation
Required Skills & Experience
- Strong experience in Cloud Security (AWS, Azure, GCP)
- Hands-on expertise in CSPM tools (AWS Security Hub / GuardDuty, Microsoft Defender for Cloud, Prisma Cloud, or Wiz)
- Experience with EDR/XDR solutions (e.g., CrowdStrike, SentinelOne, Microsoft Defender)
- Vulnerability management tools — Tenable, Qualys, or Rapid7
- Solid knowledge of patch management (Windows & Linux)
- Experience with IAM (Active Directory, Azure AD/Entra ID, Okta), MFA, and PAM solutions (e.g., CyberArk, BeyondTrust, Delinea)
- Familiarity with SIEM and security monitoring (Splunk, Microsoft Sentinel)
- Strong scripting skills (PowerShell, Bash, Python)
- Experience with virtualization and hypervisors (VMware, Hyper-V, etc.)
- Understanding of security frameworks (NIST, CIS, ISO 27001)
Preferred Qualifications
- CEH, CompTIA Security+, or equivalent foundational certification.
- Cloud security certifications (AWS Security Specialty, AZ-500, GCP Security Engineer).
- Experience handling or responding to security incidents
- Exposure to compliance frameworks (SOC2, ISO 27001)