Responsibilities
- Cloud Infrastructure Security: Assist in securing our cloud environments by implementing identity and access management (IAM) policies, network security groups, and encryption protocols.
- Monitoring and Incident Response: Monitor cloud security posture using native cloud tools and SIEMs. Assist in investigating and responding to security alerts.
- DevSecOps Integration: Collaborate with DevOps teams to integrate security scanning (SAST/DAST, container vulnerability scanning) into CI/CD pipelines.
- Vulnerability Management: Perform regular vulnerability assessments of cloud resources and work with engineering teams to patch and remediate findings in a timely manner.
- Compliance and Auditing: Support the compliance team by gathering evidence and ensuring cloud configurations align with industry frameworks.
- Automation: Help automate repetitive security tasks and guardrails using scripting (Python, Bash) or Infrastructure as Code.
Requirements
- Experience: 1.5 to 3 years of experience in IT, Security, or DevOps, with at least 1 year focused specifically on cloud security.
- Cloud Platform Knowledge: Hands-on experience with AWS and cloud security tools such as AWS Security Hub, GuardDuty, Inspector, etc.
- Solid understanding of cloud networking (VPCs, firewalls, routing) and IAM.
- Familiarity with Infrastructure as Code (IaC) principles.
- Basic scripting skills (e. g., Python, Bash) for automation.
- Security Fundamentals: Strong grasp of core security concepts (encryption, principle of least privilege, zero trust, vulnerability management).
- Collaboration: Excellent communication skills and a team-player mindset.
- Relevant industry certifications.
- Experience with containerization and Kubernetes security.
- Familiarity with Indian compliance frameworks.
- Familiarity with application security.
This job was posted by Thirunarayan Sharma from smallcase.
