Security Engineer 2

What You Will Bring:

 - Good to have basic security experience in any domain 
- Must have knowledge of JSON or YAML languages.
- Sufficient experience in building Cloud fundamental services in GCP/Azure cloud. (Cloud compute, Azure Functions, IAM, etc)
- Good to have hands-on experience working in GCP/Azure security native tools (Azure Key Vault, IAM, Azure WAF, Azure DDOS protection Secure command center)
- Must have knowledge in security Compliance and standards(CIS, ISO-27001 , NIST).
- Good to have experience in third-party Security tools such as Prisma, Wiz, and TrendMicro.
- Must have good communication and collaboration with cross-functional teams for managing the observation remediation.

- Must have a core understanding of  Cloud developments and implementation for Fundamental services (Google Compute, Azure virtual machines, WAF, IAM)
- Must have good hands-on experience in Cloud native/3rd party security services (Palo Alto Prisma, WIZ, GCP Secure command canter, GCP Armor, Azure sentinel, DDOS protection)
- Must have good experience in developing a secure architecture by design cloud.
- Good to have experience in code development (Python, scripting, Terraform, Cloud formation, Ansible playbooks)
- Must have good knowledge in all end to end Cloud services for defining security best practices.
- Must have experiences in CSPM, CIEM security toolings
- Must have experience in implementing Security policies in Posture management tools.
- Must have knowledge in JSON or YAML to construct a IAC or to identify the misconfigurations in the IAC.
- Should have a good knowledge in security standards and best pratices (NIST, ISO, CIS,GDPR)
- Good to have communication and collaboration with cross fucntional team for managing the observations and remediation

1.Extensive Cloud Security Engineering Experience: You possess a minimum of 5 years of hands-on experience in cloud security, specifically working with AWS, GCP, and Azure. Your in-depth knowledge of cloud architecture, networking, and security best practices allows you to design and implement robust security solutions.

2.Technical Proficiency: You are proficient in a wide range of cloud security tools, technologies, and services, such as AWS Security Services (e.g., IAM, VPC, WAF, GuardDuty), GCP Security Services (e.g., Identity Platform, Cloud Security Command Center), and Azure Security Services (e.g., Azure Active Directory, Azure Security Center). Your expertise extends to cloud-native security controls, threat detection, incident response, and vulnerability management.

3.Strong Security Mindset: You possess a deep understanding of security principles and frameworks, such as CIS Benchmarks, NIST, and ISO 27001. You have experience implementing security controls and conducting security audits and assessments to ensure compliance with industry standards and regulations.

4.Analytical and Problem-Solving Skills: You have a strong analytical mindset with the ability to assess complex security risks and develop effective mitigation strategies. You can identify vulnerabilities, conduct security assessments, and provide recommendations for improving the overall security posture of our cloud environments.

What You Will Do:

1. Secure Cloud Architecture: Collaborate with cross-functional teams to design and build secure cloud architecture, ensuring the confidentiality, integrity, and availability of our cloud-based systems. Implement robust security controls and configurations across AWS, GCP, and Azure environments, following industry best practices and standards.

2. Security Tooling and Automation: Evaluate, select, and implement appropriate security tools and technologies to enhance cloud security. Develop and maintain automation scripts, templates, and playbooks for security operations, ensuring efficient and scalable security processes.

3. Security Architecture Review: Review and assess the security architecture of cloud-based applications and services. Collaborate with development teams to provide security recommendations and assist in the implementation of secure coding practices and security controls.

4. Security Documentation and Compliance: Develop and maintain security documentation, including security policies, standards, procedures, and guidelines specific to cloud environments. Stay updated with relevant compliance requirements and assist in compliance audits to ensure adherence to regulatory and industry standards.

5. Security Testing and Validation: Plan and execute security testing activities, including vulnerability assessments, penetration testing, and security code reviews, to identify and remediate security vulnerabilities in cloud environments. Validate the effectiveness of security controls and ensure compliance with security policies and standards.

6. Security Awareness and Training: Collaborate with teams across the organization to promote a culture of security awareness. Develop and deliver training sessions and educational materials to enhance the understanding of cloud security best practices and ensure proper security hygiene among technical teams.

7. Threat Modeling and Risk Assessment: Conduct threat modeling exercises to identify potential security risks and vulnerabilities in cloud infrastructure. Perform risk assessments and provide recommendations for mitigating risks and enhancing the overall security posture of the cloud environment.

8. Security Incident Response: Contribute to the development and improvement of incident response plans and playbooks for cloud security incidents. Participate in incident response activities, including investigations, containment, eradication, and recovery, to minimize the impact of security incidents.

9. Collaboration and Stakeholder Management: Work closely with cross-functional teams, such as infrastructure, development, and operations, to provide guidance and support on cloud security matters. Collaborate with stakeholders to address security requirements, provide technical expertise, and ensure security is integrated into the development and deployment processes.

This position offers an exciting opportunity to make a significant impact in a rapidly evolving cloud security landscape. If you are a proactive and knowledgeable Cloud Security Expert with a passion for protecting cloud infrastructure, we invite you to join our team and contribute to our ongoing success.

Please submit your resume and cover letter detailing your relevant experience and accomplishments to be considered for this role.