Job Summary
We are seeking a skilled Cloud Security Engineer to support Identity and Access Management (IAM) operations, cloud key management, secrets management, and security automation across multi-cloud environments, including Azure, AWS, and GCP. This role will also be responsible for implementing cloud security controls, managing network security operations, and administering firewalls on Fortigate platforms. The Cloud Security Engineer will ensure secure identity governance, controlled access, network segmentation, and policy-driven guardrails that align with enterprise security standards.
Key Responsibilities
Identity & Access Management (IAM)
- Execute IAM operations, including provisioning, access troubleshooting, RBAC/ABAC configurations, and access recertifications.
- Manage and implement AWS Service Control Policies (SCPs) to enforce governance and guardrails.
- Build and manage Azure Policy definitions, initiatives, and assignments to meet compliance requirements.
- Support IAM architecture across Azure AD/Entra ID, AWS IAM, GCP IAM, and the enterprise Identity Center.
- Assist with IAM incident response and Level 2 escalations.
Key Management & Secrets/Vault Operations
- Operate cloud KMS platforms, including Azure Key Vault and AWS KMS, focusing on key rotation, key policies, and certificates/PKI operations.
- Enforce approved cryptographic algorithms and key sizes (RSA, AES, ECC), manage TLS certificate lifecycles, and ensure secure key access patterns (least-privilege key policies, no direct key export where envelope encryption applies).
Cloud Security (Azure / AWS / GCP)
- Implement cloud security baselines, guardrails, and compliance controls in line with CIS Benchmarks, NIST, and ISO 27001.
- Support cloud security posture management and network configuration reviews using tools such as Wiz and Prisma.
- Configure and troubleshoot cloud-native firewalls, Network Security Groups (NSGs), routing, and segmentation.
Network Security (Fortigate)
- Manage, monitor, and troubleshoot Fortigate firewalls, including security policies, NAT, VPN (IPsec/SSL), and routing.
- Oversee IPS/IDS configurations and threat profiles.
- Maintain high-availability (Active/Passive) firewall clusters, including failover testing and configuration synchronization.
- Support network segmentation, micro-segmentation, and Zero Trust enforcement.
- Participate in firewall rule reviews, change management, and impact assessments.
- Analyze traffic flows, logs, and events using FortiAnalyzer.
Automation & Infrastructure as Code
- Develop Terraform modules for IAM, KMS, vault, firewall policies, and cloud security controls.
- Create Ansible playbooks to automate secret rollout, certificate deployments, firewall configurations, and configuration baselines.
- Support Kubernetes environments, focusing on secrets management, RBAC, service accounts, workload identity, and Vault Agent Injector integration.
Documentation & Governance
- Maintain Standard Operating Procedures (SOPs), runbooks, architecture diagrams, and compliance documentation.
- Support internal audits, security reviews, and posture reporting.
Required Skills and Experience
- Hands-on experience with Terraform and Ansible.
- 5-7 years of relevant experience.
- Strong understanding of identity protocols, including SAML, OAuth2, OIDC, LDAP, and Kerberos.
- Experience with Azure AD/Entra ID, AWS IAM, and GCP IAM.
- Expertise in HashiCorp Vault, Azure Key Vault, and AWS KMS.
- Proficiency in Kubernetes RBAC, secrets management, and workload identity management.
- Solid understanding of PKI, TLS certificates, and cryptographic primitives.
- Strong Linux administration skills (RHEL/CentOS/Rocky Linux).
- Familiarity with firewall technologies, particularly Fortigate (firewall/NAT/VPN/IPS/URL filtering) and cloud security controls across Azure, AWS, and GCP.
Desired/Bonus Skills
- Cloud security certification, such as Microsoft Certified: Azure Security Engineer Associate, AWS Certified Security - Specialty, or Google Professional Cloud Security Engineer.
- Network security certification, such as Fortinet NSE (NSE 4 or higher).