Cloud Security Engineer (3-7 yrs)

Location : Bangalore.

Experience Required : 3- 7 years

Job Description :

- Implement strong encryption algorithms to protect data at rest and in transit.

- Implement granular access controls to limit who can access different parts of the cloud environment.

- Use DLP tools to prevent sensitive data from being accidentally or intentionally shared outside the organization.

- Continuously monitor the cloud environment for suspicious activity.

- Deploy IDPS to detect and block unauthorized access attempts.

- Protect web applications from attacks like SQL injection and cross-site scripting.

- Regularly scan the cloud environment for vulnerabilities and patch them promptly.

- Ensure compliance with relevant industry standards and regulations, such as HIPAA, GDPR, and PCI DSS.

- Conduct regular risk assessments to identify potential security threats and vulnerabilities.

- Develop and maintain an incident response plan to effectively handle security breaches.

- Investigate security incidents to determine the root cause and extent of damage.

- Collect and analyze evidence to identify attackers and reconstruct the attack.

- Take steps to restore the system to a secure state and prevent future attacks.

- Develop and deliver training programs to educate employees about cloud security best practices.

- Conduct phishing simulations to test employees' awareness of security threats.

- Create and enforce security policies to guide employee behavior.

- Stay up-to-date on the latest security technologies and trends.

- Conduct regular security audits to identify areas for improvement.

Key Skills :

- Expertise in CloudFormation/Terraform IaC.

- Proficiency in IaaS, PaaS, and SaaS environments in AWS and Azure.

- Strong knowledge of Python.

- Familiarity with YAML and JSON formats.

- Responsibility to manage and optimize cloud infrastructure in AWS and Azure.

- Implement security automation using Logic Apps and Azure Monitor.

- Enforce role-based access policies and privileged access management.

- Configure and manage Microsoft Defender for Cloud Apps, Microsoft 365 Defender, and Microsoft Purview Compliance.

- Manage AWS security services such as IAM, VPC, EC2, S3, and CloudFront.

- Migrate and secure data using AWS services like RDS, Lambda, and DynamoDB.

- Lead and manage cloud security projects from planning to execution.

- Collaborate with cross-functional teams to design, implement, and maintain secure cloud solutions.

- Perform regular security audits, reviews, and remediation based on incident logs.

- Provide documentation and support to clients, ensuring all security protocols are followed