JD - Security Engineer - Cloud Security
Role summary
We are looking for a talented, dedicated Security Engineer who thrives on securing complex environments and possesses deep, broad expertise in the security domain. This crucial role focuses on translating Cloud Security policies into actionable technical controls, administering key security solutions, hardening core infrastructure (Private and public cloud), and providing essential support.
Core Responsibilities:
- Understand the Infra and Engineering requirements and provide solutions to ensure security in the day-to-day cloud operations.
- Identify and assess security misconfigurations across the cloud infrastructure, and drive their mitigation.
- Identify the Perimeter, the trusted boundaries for cloud infrastructure, and ensure the necessary security guardrails are implemented to maintain security across all cloud assets.
- Steer security strategy efforts for hardening, configuration, and maintenance of Cloud Infrastructure.
- Establish and govern cloud security baselines across all infrastructure to counter emerging threats.
- Manage HIDS/HIPS/NIDS and their adoption across the cloud infrastructure.
- Drive security improvements, risk mitigation, patch management, and other operational security aspects for the entire cloud infrastructure.
- Ensuring that Cloud Infrastructure complies with relevant security standards (ISO-27001, PCI-DSS, GDPR, NIST, RBI)
Skills and Experience:
- 4+ years of experience in Cloud security.
- Deep understanding of AWS and other cloud security services (KMS, Security Hub, GuardDuty, EC2, S3), cloud security best practices, shared responsibility model, and cloud-specific threats.
- Proficiency in securing IaC templates (CloudFormation, Terraform) and integrating security checks into CI/CD pipelines, Kubernetes (K8s), Terraform, and automating redundant workflows
- Knowledge of VPCs, security groups, network ACLs, routing, VPNs, and AWS Transit Gateway for secure network design.
- Expertise in managing user identities, roles, permissions, and federation in AWS and GCP.
- Capability to design and implement secure cloud architectures considering scalability, performance, and cost.
- Knowledge of regulatory requirements (ISO-27001, PCI-DSS, GDPR, NIST, RBI) and adherence to requirements in Cloud Infra.
- Experience scripting or automating security tasks.
Qualification:
- Bachelor's degree in Computer Science, Information Security, or a relevant technical field.
- Relevant cloud certifications/security certifications, such as CISM or equivalent, are highly desirable.
- Demonstrated expertise in frameworks such as ISO/IEC 27017, ISO 27018, SOC 2, RBI and PCI DSS is highly desirable.
