Security Configuration Compliance Analyst

3 weeks ago


Muscat, Muscat, Oman TAT IT Technolgies Full time
We have an urgent requirement for Security Configuration Compliance Analyst - Banking domain experience is required for one of our banking client in Oman

Strong Experience of 7 years in system administration and configuration hardening of Enterprise Infrastructure Must to apply for this role

Strong Experience on operating system hardening, security baselines, and configuration best practices (e.g., CIS Benchmarks, STIG Must apply for this role

Strong experience in translating security policies and standards into technical configurations is Must to apply for this role

Strong experience on Application Infrastructure, Data Integrity and Security, Enterprise Database Systems and Network Security is MUST

Configuration Hardening Documents Development and Maintenance.
  • Develop, document, and maintain standardized Security hardening document across the IT infrastructure (e.g. OS, DB, middleware, Infrastructure applications)
  • Reference the documents to industry best practices (e.g. CIS, STIG, and vendor specific hardening controls) to ensure the full coverage of the technology hardening.
  • Ensure the documents accurately reflect organizational security policies and configuration baselines.
  • Ensure the developed documents are accompanied with custom automated scripts, tripwire templates or any form of automated checks.
  • Regularly review and update the hardening documents to incorporate new policies and industry best practices.
  • Implement version control and change management processes for configuration hardening documents.
  • Collaborate with policy owners to understand and interpret security policies and standards to perform necessary customization to hardening documents.

Systems Configuration Compliance Automation
  • Work closely with IT operations teams to implement and maintain Tripwire configurations for various operating systems, databases, middleware and applications.
  • Provide guidance and support to technical teams on the proper use and interpretation of Tripwire configuration templates.
  • Develop and maintain scripts (e.g. Python, PowerShell and Bash) to define custom rules

Regularly review tripwire templates and custom scripts to ensure consistency with the hardening documents.
  • Automate the deployment and management of custom Tripwire templates using scripting and regex.
  • Troubleshoot and debug custom scripts to ensure accurate and reliable configuration monitoring.
  • Translate policy requirements into specific scripts, Tripwire configuration rules and monitoring parameters.

Configuration Compliance Monitoring and Reporting
  • Utilize Tripwire or scripts to monitor and report on configuration compliance status across the organization.
  • Analyze Tripwire findings and identify systems that deviate from defined configuration baselines and policies.
  • Communicate effectively with technical and non-technical stakeholders regarding configuration compliance status and remediation efforts.
  • Generate regular and ad-hoc reports on configuration compliance posture for management and relevant stakeholders.
  • Identify and address discrepancies between Tripwire configurations and organizational policies and baselines

Continuous Improvement
  • Stay up-to-date on the latest security trends, best practices, CIS and STIG baseline updates and Tripwire product updates.
  • Identify opportunities to improve the efficiency and effectiveness of Tripwire configuration management processes.
  • Contribute to the development and refinement of configuration management policies and procedures.

Technical Expertise
  • Participate in technical discussions by explaining/demonstrating attacks and explain the recommended hardening controls to IT.
  • Collaborate with application developers, management and project management teams by reviewing and measuring the effectiveness of proposed security controls to be implemented before proceeding with the implementation.
  • Identify best practices and continuously propose improvements to technical processes, procedures and guidelines in alignment with the bank's standards.
  • Plan and manage the execution of hardening document reviews and systems configuration hardening reviews.

Skills: application infrastructure,regex,enterprise database systems,cis benchmarks,scripting,powershell,compliance,data integrity and security,python,configuration hardening,security,configuration best practices,configuration,network security,bash,stig,tripwire,system administration,operating system hardening,security baselines
#J-18808-Ljbffr

  • Muscat, Muscat, Oman beBee Careers Full time

    Job Description:We are seeking a highly skilled and experienced Security Configuration Compliance Analyst to join our team. As a key member of our security team, you will be responsible for ensuring the security and compliance of our systems and infrastructure.Responsibilities:Develop and maintain standardized security hardening documents across the IT...


  • Muscat, Muscat, Oman beBee Careers Full time

    Job Overview:We have an urgent requirement for a Security Configuration Compliance Analyst with banking domain experience. The successful candidate will be responsible for ensuring the security and compliance of our systems and infrastructure.Key Responsibilities:Configuration Hardening Documents Development and Maintenance: Develop, document, and maintain...


  • Muscat, Muscat, Oman InterTech Oman Full time

    Role SummaryThe role is accountable for developing, maintaining, and implementing IT infrastructure hardening documents, custom scripts, and Tripwire configuration templates to ensure secure and compliant configurations across the bank's IT environment.Roles & Responsibilitiesa. Configuration Hardening Documents• Develop and maintain standardized hardening...


  • Muscat, Muscat, Oman beBee Careers Full time

    Job Summary:We are looking for a highly skilled and experienced Security Configuration Compliance Analyst to join our team. The successful candidate will be responsible for ensuring the security and compliance of our systems and infrastructure.Main Responsibilities:Regularly review tripwire templates and custom scripts to ensure consistency with the...


  • Muscat, Muscat, Oman Oman Arab Bank Full time

    Get AI-powered advice on this job and more exclusive features.Direct message the job poster from Oman Arab BankTalent Acquisition Specialist - Oman Arab Bank | CIPDProvide periodic and on-demand security assessment (VAPT) to IT infrastructures, systems, applications and websites.Perform Red Team activity to systems/applications.Logs all InfoSec related...

  • Security Specialist

    6 days ago


    Muscat, Muscat, Oman beBee Careers Full time

    Security Specialist">Lead the design, implementation, and support of advanced Cisco security solutions.Provide expert-level consulting on Cisco FTD, FMC, and ISE deployments, configurations, and troubleshooting.Develop automation scripts using Python to enhance security operations and optimize security workflows.Act as a trusted advisor to customers,...


  • Muscat, Muscat, Oman beBee Careers Full time

    Cloud Solution ExpertWe are seeking an expert in cloud solution design, implementation and management. The successful candidate will drive digital transformation and enhance cloud infrastructure while ensuring robust security.Key Skills:Cloud architecture designAutomation and scriptingCloud security and compliance


  • Muscat, Muscat, Oman beBee Careers Full time

    The Network and Security Infrastructure Specialist is responsible for designing, implementing, and maintaining the network infrastructure, ensuring optimal performance, security, and reliability.Responsibilities:Design, configure, and maintain network infrastructure, including routers, switches, and firewalls.Manage and optimize routing and switching...


  • Muscat, Muscat, Oman TAT IT Technolgies Full time

    We have an urgent requirement for a Network and Security Infrastructure Specialist with strong experience in multi-data center environments for our banking client in Oman.Experience: 6+ yearsLocation: OmanCertifications: CCNA, CCNP, Fortinet NSE, CISSP, or similar are highly preferred.Requirements:Strong network and security infrastructure management in...

  • Security Consultant

    7 days ago


    Muscat, Muscat, Oman Yuvo Full time

    Lead the design, implementation, and support of advanced Cisco security solutions.Provide expert-level consulting on Cisco FTD, FMC, and ISE deployments, configurations, and troubleshooting.Develop automation scripts using Python to enhance security operations and optimize security workflows.Act as a trusted advisor to customers, ensuring best practices in...