Security Engineer - Cloud Security

Role summary

We are looking for a talented, dedicated Security Engineer who thrives on securing complex environments and possesses deep, broad expertise in security. This crucial role focuses on translating Cloud Security policies into actionable technical controls, administering key security solutions, hardening core infrastructure (Private and public cloud), and providing essential support.

Core Responsibilities:

1. Understand the Infra and Engineering requirements and provide solutions to ensure security in the day-to-day cloud operations.
2. Identify and assess security misconfigurations across the cloud infrastructure, and drive their mitigation.
3. Identify the Perimeter, the trusted boundaries for cloud infrastructure, and ensure the necessary security guardrails are implemented to maintain security across all cloud assets.
4. Steer security strategy efforts for security hardening, vulnerability management, and patch management across Cloud Infrastructure.
5. Establish and govern cloud security baselines across all infrastructure to counter emerging threats.
6. Manage HIDS/HIPS/NIDS and their adoption across the cloud infrastructure.
7. Drive security improvements, risk mitigation, patch management, and other operational security aspects for the entire cloud infrastructure.
8. Ensuring that Cloud Infrastructure complies with relevant security standards (ISO-27001, PCI-DSS, GDPR, NIST, RBI)

Skills and Experience:

• 4+ years of experience in Cloud security.
• Deep understanding of Openstack, AWS, Azure, and other cloud security services, cloud security best practices, shared responsibility model, and cloud-specific threats.
• Proficiency in securing IaC templates (CloudFormation, Terraform) and integrating security checks into CI/CD pipelines, Kubernetes (K8S), Terraform, and automating redundant workflows.
• Knowledge of VPCs, security groups, network ACLs, routing, VPNs, and Transit Gateway for secure network design.
• Expertise in managing user identities, roles, permissions, and federation in AWS and GCP.
• Capability to design and implement secure cloud architectures considering scalability, performance, and cost.
• Knowledge of regulatory requirements (ISO-27001, PCI-DSS, GDPR, NIST, RBI) and adherence to requirements in Cloud Infra.
• Experience in scripting or automating security tasks.

Qualification:

• Bachelor's degree in Computer Science, Information Security, or a relevant technical field.
• Relevant cloud and security certifications, such as CISM or an equivalent, are highly desirable.
• Demonstrated expertise in frameworks such as ISO/IEC 27017, ISO 27018, SOC 2, RBI, and PCI DSS is highly desirable.