- Company Name
- TEKsystems
- Job Title
- Security Engineer
- Job Description
-
<think>
Okay, so the user wants me to normalize a job description into a concise mini-job profile for job matching. Let me read through the job description carefully.
First, the job title is "Security Engineer." I need to pick that out for the output. The role summary should be a concise summary. Let me look at the key points. The main focus areas are Application Security Operations, Cloud Security, and Infrastructure Vulnerability Management. The role also involves collaboration with DevOps and development teams. The required certifications include CISSP, CISM, AZ-500, etc. Skills needed are in Azure security services, vulnerability management, scripting languages, and more.
I need to exclude company details, location, benefits, and any fluff. The summary should be factual, ATS-friendly, and globally neutral. Max 500 words. Let me break down each section as per the required headings: Role Summary, Expectations, Key Responsibilities, etc.
For Role Summary, I should mention the main objectives: application security, cloud security, infrastructure vulnerabilities. The expectations might include experience in integrating security tools into CI/CD pipelines and using Azure services. Key responsibilities would be the specific tasks: overseeing tools, managing vulnerabilities, working with teams. Required skills include tools like DAST, SAST, SCA, Azure Defender, etc. Education would be a bachelor's degree in computer science or related field, and certifications like CISSP or AZ-500.
Wait, the user mentioned to exclude company details, so I need to make sure TEKsystems info is left out. Also, the location (Dearborn, MI) is in the job description, but I need to leave that out. Benefits like medical insurance, PTO, etc., are specified but should be excluded.
I need to check if all skills and certifications are covered. The job description lists CISSP, CISM, AZ-500, CySA+, CEH. Required education is bachelor's degree or equivalent. Experience is 3-5 years in security, with ISO experience or certification mentioned. ISO 27001? Not sure if that's part of the required education/certs. Maybe the ISO part is under certifications? Let me check the job description again. "3 - 5 years security experience ISO experience or certification". Hmm, perhaps they mean ISO 27001 certification or experience in ISO 27001 compliance. I should include that as part of required certifications.
Also, the user mentioned to keep it neutral globally. So I need to avoid any region-specific terms unless specified. The job type is a contract position, but the user said to exclude job type. Wait, in the output, the user didn't mention job type in the example, so I'll omit it.
Let me structure each section:
Role Summary: The primary focus areas of the position.
Expectations: What the employer expects in terms of skills, tools, collaboration, and problem-solving approaches.
Key Responsibilities: The day-to-day tasks and responsibilities.
Required Skills: Technical skills like tools, programming languages, etc.
Required Education & Certifications: Education level and necessary certifications.
Need to ensure that each section is concise, using bullet points where possible but according to the user's example, maybe bullet points are allowed. Wait, the user's output example uses bullet points. Let me check the example in the input. The example output for another job uses bullet points. So, for Role Summary, it's a paragraph. For Expectations, bullets. Same for Key Responsibilities, Required Skills, etc. Wait, the user said "factual, concise, ATS-friendly". Bullet points are more ATS-friendly. Let me use bullet points where appropriate.
Wait, looking at the example in the original instruction: "Provide a concise summary for job matching. Max 500 words. Exclude company details, location, benefits, or fluff. Output only: Job title, Role Summary, Expactations, Key Responsibilities, Required Skills, Required Education & Certifications. Keep it factual, concise, ATS-friendly, and globally neutral. Do not add any introduction, explanation, or extra text."
So the output should be only those sections. The example given in the user's input for the output includes bullet points for each section. But in the user's example for output, it's all in bullet points with bold headings. However, in the example provided in the input, the user may have pasted a previous response where bullet points were used. The user might prefer bullet points for each section.
But according to the instructions: "Keep it factual, concise, ATS-friendly, and globally neutral." Using bullet points is standard for ATS. So I'll use bullet points where possible. Let me structure each section with bullet points. The user's example shows bullet points for each section. For example:
Role Summary:
- Oversees application security tools (DAST, SAST, SCA)...
- Collaborates with development and DevOps teams...
But in the original example, the user's output had Role Summary as a paragraph. Hmm, the user provided an example in their instructions. Let me check again.
Looking back at the user's message, they said to provide a concise summary and output only the specified sections. In the example they provided in the instructions (for another job), the output uses bullet points for Role Summary, Expectations, etc. However, in the user's initial instruction, the example shows bullet points. Wait, no, the user's example might be a different job, but the instruction says to follow the format provided. Let me refer to the user's own example for structure.
The user says: "Provide a concise summary for job matching. Max 500 words. Exclude company details, location, benefits, or fluff. Output only: Job title, Role Summary, Expactations, Key Responsibilities, Required Skills, Required Education & Certifications. Keep it factual, concise, ATS-friendly, and globally neutral. Do not add any introduction, explanation, or extra text."
So, in their example output (which they provided in the question), the assistant's response would be in the format:
Security Engineer
Role Summary:
- ...
- ...
Expectations:
- ...
- ...
Key Responsibilities:
- ...
- ...
Required Skills:
- ...
- ...
Required Education & Certifications:
- ...
- ...
Each section has bullet points. So I'll follow that structure.
Now, let's tackle each section.
Role Summary:
- Lead application security operations, including oversight of DAST, SAST, and SCA tools (SonarQube, Burpsuite, JFrog X-ray preferred).
- Implement cloud security frameworks using Microsoft Azure services (Microsoft Defender for Cloud, Entra ID, Azure Sentinel).
- Manage infrastructure vulnerability assessments and remediation through Microsoft Defender for Cloud.
Expectations:
- Expertise in integrating security tools into CI/CD pipelines and prioritizing remediation using CVSS scores and exploit risk.
- Hands-on experience with Azure security services (Defender for Cloud, Entra ID, Azure Sentinel) and security scoring.
- Scripting proficiency in Python, PowerShell, or KQL to enhance automation and analysis.
- Ability to collaborate with DevOps and application teams to address security findings.
- Knowledge of Active Directory and ISO 27001 standards for security best practices.
Key Responsibilities:
- Operate and optimize application security tools to identify and remediate vulnerabilities.
- Conduct regular vulnerability assessments and remediation on Azure environments (IaaS, PaaS).
- Analyze cloud configurations for misconfigurations and implement security controls.
- Develop security strategies for cloud infrastructure and hybrid environments.
- Facilitate remediation of critical vulnerabilities, prioritizing internet-facing servers and crown jewels.
Required Skills:
- Application security tools (DAST, SAST, SCA)
- Microsoft Azure security services (Microsoft Defender for Cloud, Azure Sentinel, Entra ID)
- Vulnerability management and remediation
- Scripting (Python, PowerShell, KQL)
- Security analysis and risk assessment
- DevOps collaboration and CI/CD integration
Required Education & Certifications:
- Bachelor's degree in computer science, cybersecurity, or related field.
- 3-5 years in cybersecurity or related role
- Certifications: CISSP, CISM, AZ-500 (preferred), CySA+, CEH
Wait, the job description mentions "3 - 5 years security experience ISO experience or certification". I need to include that. So ISO here likely refers to ISO/IEC 27001. So add ISO/IEC 27001 experience or certification as required. Also, the job requires 3-5 years of security experience and ISO experience or certification. So in Required Education & Certifications, it's 3-5 years experience and a bachelor's degree, plus certifications like CISSP, etc. Also include ISO/IEC 27001 as a certification.
Wait, the job description says: "3 - 5 years security experience ISO experience or certification". The wording is a bit unclear. Maybe "ISO experience" refers to experience working with ISO standards in security, like ISO 27001. So perhaps the required education section should include 3-5 years in cybersecurity, with ISO 27001 certification or equivalent experience.
I need to make sure that's included in Required Education & Certifications. Also, the preferred and required certifications are CISSP, CISM, AZ-500, CySA+, CEH. So in the output, list all required and preferred certifications. The job says "one or more highly preferred", so maybe specify that.
Also, check if "ISO experience or certification" is required or preferred. The job says "3 - 5 years security experience ISO experience or certification". Maybe that's part of the required experience. So perhaps the required experience is 3-5 years in security, preferably with ISO 27001 knowledge