Infrastructure Security Consultant

Job Description

We are seeking a highly skilled Infrastructure Security Consultant to design, implement, and assess security controls across enterprise IT infrastructure. The ideal candidate will have deep expertise in securing cloud and on-prem environments, identifying vulnerabilities, and ensuring compliance with industry standards and best practices.

Key Responsibilities - Assess and strengthen security posture across infrastructure, including servers, networks, endpoints, and cloud environments

- Conduct vulnerability assessments, risk analyses, and security audits

- Design and implement security architectures, controls, and frameworks

- Monitor and respond to infrastructure security incidents and threats

- Collaborate with engineering and DevOps teams to embed security into system design and deployment pipelines

- Implement identity and access management (IAM), network segmentation, and zero trust principles

- Ensure compliance with regulatory requirements (e.g., HIPAA, SOC 2, NIST, ISO 27001)

- Perform security hardening of operating systems, databases, and network devices

- Develop and maintain security policies, procedures, and documentation

- Provide guidance on secure cloud configurations (AWS, Azure, Google Cloud Platform)

- Support penetration testing efforts and remediation planning

Required Qualifications - Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)

- 5+ years of experience in infrastructure security, cybersecurity, or related roles

- Strong knowledge of network security (firewalls, VPNs, IDS/IPS, WAF)

- Experience with cloud security (AWS, Azure, or Google Cloud Platform)

- Familiarity with operating systems security (Linux, Windows)

- Hands-on experience with vulnerability management tools (e.g., Nessus, Qualys)

- Understanding of security frameworks (NIST, CIS, ISO 27001)

- Experience with SIEM tools and incident response processes

Preferred Qualifications - Relevant certifications such as: - CISSP (Certified Information Systems Security Professional)

- CISM (Certified Information Security Manager)

- CEH (Certified Ethical Hacker)

- AWS/Azure Security certifications

- Experience with Infrastructure as Code (Terraform, CloudFormation)

- Knowledge of container security (Docker, Kubernetes)

- Experience in regulated industries such as healthcare or finance