Security Administrator
Share
Job Location:
Monthly Salary:
Posted on:
12 hours ago
Vacancies:
1 Vacancy
Job Summary
Cloud Security Specialist (GIC)
Location: Global In-House Center (GIC) Remote/Offshore
Reports To: Security Operations Manager
Job Type: Full-Time
Start Date: January 2026
Job Summary
The Cloud Security Specialist will manage operational tasks for Netskope (Secure Web Gateway NPA
Cloud Firewall) and Proofpoint (Email Security Email Fraud Defense Secure Email Relay Domain
Takedown DMARC SPF) ensuring secure web cloud and email environments for clients hybrid
workforce. This role collaborates with the Security Architect (Netskope design) Manager of IAM
(Proofpoint DMARC/SPF design) SOC Analysts (Siem monitoring) Vulnerability Management Analyst
(Rapid7 scans) and Infrastructure (endpoint/tunnel deployment). The specialist will correlate
Netskope/Proofpoint alerts with CrowdStrike Falcon Complete and Microsoft Defender endpoint data
in Azure Sentinel to link web/email threats to endpoint incidents. Tasks are tracked in Atlassian Jira
and configurations are documented in Confluence. The ideal candidate has expertise in SASE/SSE
email security DMARC/SPF Microsoft integrations and Atlassian tools with a focus on compliance
(NIST GDPR SOX).
Responsibilities
Netskope Operations:
o Secure Web Gateway (SWG): Enforce URL filtering SSL inspection and DLP policies;
integrate with Azure AD/Sentinel.
o NPA (Private Access): Manage ZTNA for private apps ensuring off-site security profiles
via clientless/client access and Azure AD SSO.
o Cloud Firewall (FWaaS): Enforce 5-tuple/FQDN rules for non-web traffic manage
IPsec/GRE tunnels export logs to Sentinel.
Location: Global In-House Center (GIC) Remote/Offshore
Reports To: Security Operations Manager
Job Type: Full-Time
Start Date: January 2026
Job Summary
The Cloud Security Specialist will manage operational tasks for Netskope (Secure Web Gateway NPA
Cloud Firewall) and Proofpoint (Email Security Email Fraud Defense Secure Email Relay Domain
Takedown DMARC SPF) ensuring secure web cloud and email environments for clients hybrid
workforce. This role collaborates with the Security Architect (Netskope design) Manager of IAM
(Proofpoint DMARC/SPF design) SOC Analysts (Siem monitoring) Vulnerability Management Analyst
(Rapid7 scans) and Infrastructure (endpoint/tunnel deployment). The specialist will correlate
Netskope/Proofpoint alerts with CrowdStrike Falcon Complete and Microsoft Defender endpoint data
in Azure Sentinel to link web/email threats to endpoint incidents. Tasks are tracked in Atlassian Jira
and configurations are documented in Confluence. The ideal candidate has expertise in SASE/SSE
email security DMARC/SPF Microsoft integrations and Atlassian tools with a focus on compliance
(NIST GDPR SOX).
Responsibilities
Netskope Operations:
o Secure Web Gateway (SWG): Enforce URL filtering SSL inspection and DLP policies;
integrate with Azure AD/Sentinel.
o NPA (Private Access): Manage ZTNA for private apps ensuring off-site security profiles
via clientless/client access and Azure AD SSO.
o Cloud Firewall (FWaaS): Enforce 5-tuple/FQDN rules for non-web traffic manage
IPsec/GRE tunnels export logs to Sentinel.
Proofpoint Operations:
o Email Security: Configure anti-phishing malware scanning and sandboxing rules.
o Email Fraud Defense: Detect BEC impostor emails and supplier risks.
o Secure Email Relay: Secure app-generated emails manage dedicated IP relay for
DMARC rollout.
o Domain Takedown: Monitor/block lookalike domains coordinate with legal.
o DMARC/SPF: Configure DMARC policies SPF records align with DKIM monitor
RUA/RUF reports.
o Email Security: Configure anti-phishing malware scanning and sandboxing rules.
o Email Fraud Defense: Detect BEC impostor emails and supplier risks.
o Secure Email Relay: Secure app-generated emails manage dedicated IP relay for
DMARC rollout.
o Domain Takedown: Monitor/block lookalike domains coordinate with legal.
o DMARC/SPF: Configure DMARC policies SPF records align with DKIM monitor
RUA/RUF reports.
Collaboration & Automation:
o Work with Infrastructure for Netskope tunnel/endpoint deployment and
Falcon/Defender agent deployment.
o Collaborate with SOC Analysts to correlate Netskope/Proofpoint alerts with
Falcon/Defender endpoint incidents.
o Coordinate with Vulnerability Management Analyst on Rapid7 scans of Netskope-
protected assets.
o Automate policies using Netskope/Proofpoint APIs Python scripts and Azure
automation tools.
o Track tasks in Atlassian Jira and document configurations in Confluence for knowledge
transfer.
Required Skills
Technical Skills:
o Netskope: SWG (URL filtering DLP) NPA (ZTNA Azure AD SSO) Cloud Firewall (5-
tuple/FQDN GRE/IPsec) Cloud Exchange for Sentinel.
o Proofpoint: Email Security (anti-phishing sandboxing) Email Fraud Defense (BEC
impostor scoring) Secure Email Relay (dedicated IP) Domain Takedown (lookalike
monitoring) DMARC/SPF (policy configuration RUA/RUF analysis DKIM alignment)
o Integration & Automation: Sentinel log ingestion and correlation
(Netskope/Proofpoint with Falcon/Defender e.g. phishing to endpoint compromise)
Azure AD user-based policies Python/REST APIs for automation Atlassian Jira for task
tracking Confluence for documentation.
o Cloud Security: SASE/SSE principles email authentication (M3AAWG guidelines)
threat hunting in web/email traffic.
o Compliance: Mapping policies to NIST 800-53 GDPR SOX requirements.
Soft Skills:
o Collaboration via Microsoft Teams for daily stand-ups Infrastructure syncs and
Manager of IAM coordination.
o Documentation in Confluence for GIC knowledge transfer and DMARC/SPF reporting.
o Communication to explain DMARC/SPF issues to non-technical stakeholders.
o Work with Infrastructure for Netskope tunnel/endpoint deployment and
Falcon/Defender agent deployment.
o Collaborate with SOC Analysts to correlate Netskope/Proofpoint alerts with
Falcon/Defender endpoint incidents.
o Coordinate with Vulnerability Management Analyst on Rapid7 scans of Netskope-
protected assets.
o Automate policies using Netskope/Proofpoint APIs Python scripts and Azure
automation tools.
o Track tasks in Atlassian Jira and document configurations in Confluence for knowledge
transfer.
Required Skills
Technical Skills:
o Netskope: SWG (URL filtering DLP) NPA (ZTNA Azure AD SSO) Cloud Firewall (5-
tuple/FQDN GRE/IPsec) Cloud Exchange for Sentinel.
o Proofpoint: Email Security (anti-phishing sandboxing) Email Fraud Defense (BEC
impostor scoring) Secure Email Relay (dedicated IP) Domain Takedown (lookalike
monitoring) DMARC/SPF (policy configuration RUA/RUF analysis DKIM alignment)
o Integration & Automation: Sentinel log ingestion and correlation
(Netskope/Proofpoint with Falcon/Defender e.g. phishing to endpoint compromise)
Azure AD user-based policies Python/REST APIs for automation Atlassian Jira for task
tracking Confluence for documentation.
o Cloud Security: SASE/SSE principles email authentication (M3AAWG guidelines)
threat hunting in web/email traffic.
o Compliance: Mapping policies to NIST 800-53 GDPR SOX requirements.
Soft Skills:
o Collaboration via Microsoft Teams for daily stand-ups Infrastructure syncs and
Manager of IAM coordination.
o Documentation in Confluence for GIC knowledge transfer and DMARC/SPF reporting.
o Communication to explain DMARC/SPF issues to non-technical stakeholders.
Qualifications
Experience: 8-10 years in cloud security (e.g. Netskope Zscaler) or email security (e.g.
Proofpoint Mimecast); DMARC/SPF/DKIM experience required.
Education: Bachelors degree in Cybersecurity IT or related field (or equivalent experience).
Experience: 8-10 years in cloud security (e.g. Netskope Zscaler) or email security (e.g.
Proofpoint Mimecast); DMARC/SPF/DKIM experience required.
Education: Bachelors degree in Cybersecurity IT or related field (or equivalent experience).
Certifications: Netskope Certified Administrator Proofpoint Certified Technical Professional
or equivalent required; Microsoft AZ-500 Certified DMARC Professional (CDP) preferred.
or equivalent required; Microsoft AZ-500 Certified DMARC Professional (CDP) preferred.
Key Skills
- Splunk
- IDS
- Identity & Access Management
- PCI
- Windows
- Authentication
- NIST Standards
- Firewall
- Security
- Information Security
- Encryption
- Siem
