Trillionloans (A BharatPe Group Company) is hiring for an IT Security Solution Engineer with a strong understanding of AWS cloud security, hands-on exposure to Orca Security (CNAPP), and a basic background in Dynamic Application Security Testing (DAST). The role will work closely with DevOps, Endpoint-IT teams to design, implement, and optimize End user-IT & cloud security solutions while ensuring secure application deployment and continuous risk reduction
What will you do
- Review, support & implement secure AWS architectures with understanding of IAM, VPC, EC2, S3, RDS, and EKS. Including network security controls such as security groups, NACLs, and firewall policies.
- Configure, manage, and optimize Orca Security for cloud posture management, vulnerability detection, and risk prioritization.
- Analyze Orca findings related to misconfigurations, vulnerabilities, exposed assets, and identity risks.
- Work with stakeholders to translate Orca alerts into actionable remediation plans.
- Secure Kubernetes clusters (EKS) including RBAC, network policies, secrets management, and pod security standards
- Implement container image scanning and runtime security controls & enforce least-privilege access for workloads and services
- Run DAST tool to review application related changes & to identify runtime application vulnerabilities.
- Track remediation SLAs and produce security metrics and dashboards & Collaborate with development teams to validate findings and guide remediation.
- Assist in integrating DAST into CI/CD pipelines (where applicable).
Who's the right fit for us
- AnIT professionalwith 47 years experience in infrastructure, cloud, or security engineering
- Certifications (preferred): AWS Security Specialty / Associate, CEH, Security+, or equivalent.
- Strong hands-on understanding of AWS services, including: IAM, VPC, EC2, S3, RDS, Lambda, CloudTrail, Security Hub.
- Experience or strong working knowledge of Orca Security or similar CNAPP/CSPM tools.
- Basic to intermediate knowledge of DAST concepts and tools.
- Familiarity with Cloud security best practices, OWASP Top 10 &Vulnerability management workflows
- Understanding of CI/CD and DevOps security concepts is a plus.
Interested candidates can also share their profiles at - [Confidential Information] along with their current and expected compensation details.
