Blog

Hi,

Hope you are doing well..

Job Title:  VMware Consultant

Location:  – Los Angeles, CA 90045 – ONSITE

Only Local to California

Job Description:

Job Overview:

We are seeking an experienced VMware Security Specialist to join our IT security team. In this role, you will be responsible for securing VMware environments, ensuring that virtualized infrastructures are protected against cyber threats, vulnerabilities, and attacks. You will collaborate with IT, network, and security teams to implement security best practices, deploy and manage security tools, and monitor VMware environments to maintain a robust security posture.

Key Responsibilities:

VMware Security Configuration: Design, implement, and manage security configurations for VMware environments, including VMware vSphere, vCenter, ESXi hosts, and VMware vSAN, to ensure they meet organizational security policies and industry standards.

Hardening & Vulnerability Management: Apply hardening techniques and manage vulnerability scans for VMware platforms. Stay current with VMware security patches and advisories, and ensure timely remediation of vulnerabilities.

Access Control & Authentication: Implement role-based access control (RBAC), strong authentication mechanisms, and multi-factor authentication (MFA) to control access to VMware environments. Manage user permissions and enforce least privilege access.

Monitoring & Threat Detection: Monitor VMware environments for security threats and anomalies using security tools like VMware vRealize Operations, vSphere Security, and third-party SIEM platforms. Implement and configure logging and monitoring solutions for continuous surveillance.

Incident Response & Remediation: Lead or assist in responding to security incidents involving VMware environments. Investigate potential security breaches, perform root cause analysis, and implement mitigation actions to prevent recurrence.

VMware Security Tools: Manage and configure VMware-specific security solutions, such as VMware Carbon Black, VMware AppDefense, and VMware NSX, to protect workloads, virtual machines, and network traffic within VMware environments.

Disaster Recovery & Backup Security: Ensure that VMware virtual environments are protected with secure and compliant backup and disaster recovery strategies. Test and validate recovery plans to ensure continuity in the event of a cyber incident.

Compliance & Auditing: Work closely with the compliance team to ensure that VMware environments meet security and regulatory standards such as PCI DSS, HIPAA, GDPR, and others. Conduct regular security audits and provide reports on VMware platform security posture.

Documentation & Reporting: Maintain detailed documentation of VMware security configurations, incident reports, and vulnerability management activities. Prepare reports for management and stakeholders on the state of VMware security.

Training & Awareness: Provide guidance and training to system administrators and other IT teams on VMware security best practices and emerging threats. Help drive security awareness across the organization regarding secure usage of virtualized environments.

Continuous Improvement: Stay up-to-date on VMware security features, emerging threats, and industry best practices. Continuously enhance VMware security configurations and processes based on evolving risks and organizational needs.

Required Qualifications:

Experience: Experience in securing VMware environments, including VMware vSphere, ESXi, vCenter, and vSAN. Strong understanding of virtualization security principles and best practices.

Technical Skills: In-depth knowledge of VMware security configurations, including securing virtual machines, virtual networks, and hypervisors. Familiarity with VMware-specific security solutions like Carbon Black and NSX.

Vulnerability & Patch Management: Experience with vulnerability management, patching processes, and security compliance for virtualized environments.

Access & Identity Management: Proficiency in role-based access control (RBAC), identity management, and implementing secure authentication mechanisms such as MFA.

Incident Response & Forensics: Strong experience with incident response, including investigating and mitigating security incidents in virtualized environments.

SIEM & Monitoring Tools: Experience using SIEM platforms (e.g., Splunk, IBM QRadar) and VMware-specific monitoring tools to detect and respond to security threats.

Compliance Knowledge: Understanding of regulatory compliance frameworks such as PCI DSS, HIPAA, and GDPR as they apply to virtualized infrastructures.

Certifications: VMware Certified Professional (VCP), VMware Certified Advanced Professional (VCAP), Certified Information Systems Security Professional (CISSP), or other relevant certifications are highly desirable.

Preferred Qualifications:

Cloud Security Expertise: Familiarity with securing VMware environments in hybrid or cloud-based infrastructures (e.g., VMware Cloud on AWS, vSphere on cloud).

Networking Security: Experience with VMware NSX or other virtual network security solutions to protect virtual networks and workloads.

Automation & Scripting: Experience with automation tools (e.g., PowerShell, Ansible) to enforce security policies and automate security tasks within VMware environments.

Penetration Testing & Risk Management: Familiarity with penetration testing methodologies for virtualized environments and assessing risk associated with virtual machine configurations.