Cloud Security Architect

Job Overview:
We are seeking an experienced Hands-On Cloud Security Architect to secure the architecture and infrastructure of our enterprise product software deployed in the cloud. As a Cloud Security Architect, you will play a critical role in designing, implementing, and maintaining secure cloud environments for our enterprise software solutions. You will directly contribute to securing the product's cloud-based infrastructure, ensuring both security and compliance, while actively collaborating with development, DevOps, and IT teams to incorporate cloud security practices into the software development lifecycle (SDLC). This role requires a hands-on, technical approach, enabling us to maintain a secure, resilient, and scalable product platform.

Key Responsibilities:
Design & Implement Secure Cloud Architecture: Secure enterprise product software hosted in both public and private clouds (AWS, Azure, GCP) and integrate security controls into the architecture.
Embed Security into SDLC: Collaborate with development and DevOps teams to integrate cloud security practices into the product development process, ensuring secure APIs, storage, and networking configurations.
OWASP Integration: Ensure adherence to OWASP Top 10 for secure coding practices and mitigate risks like injection attacks and authentication flaws.
Automate Security Controls: Configure and automate security tools for vulnerability management, patching, and incident response in cloud environments.
Hybrid Cloud Security: Secure workloads across both public and private cloud resources, ensuring seamless integration and consistent security policies.
Compliance & Risk Management: Ensure compliance with regulatory frameworks (SOC 2, HIPAA, GDPR) and manage security risks across the cloud infrastructure.
Security Testing: Perform regular penetration testing, vulnerability assessments, and secure code reviews for cloud-hosted enterprise software.
Incident Response & Monitoring: Lead monitoring efforts and respond to security incidents in real time, ensuring the security of the products cloud infrastructure.

Qualifications:
Education: Bachelors in Computer Science, Information Security, or related field. Advanced certifications (CISSP, CCSP, AWS Certified Security Specialty) are a plus.
Experience:
o 8+ years of experience in cloud security, with a focus on enterprise product software in the cloud.
o At least 3+ years of hands-on experience with major cloud platforms (AWS, Microsoft Azure, or Google Cloud Platform).
o Proven experience with securing enterprise software applications and cloud infrastructures.
o Strong background in securing complex, large-scale software environments with a focus on infrastructure security, data security, and application security.
o Hands-on experience with the OWASP Top 10 and integrating security measures into cloud applications.
o Experience with Hybrid Cloud environments and securing workloads that span on-premises and public cloud platforms.
Technical Skills:
o In-depth experience with cloud service models (IaaS, PaaS, SaaS) and cloud security tools (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center).
o Expertise in securing enterprise applications, including web services, APIs, and microservices deployed in the cloud.
o Strong experience with network security, encryption techniques, IAM policies, security automation, and vulnerability management in cloud environments.
o Familiarity with container security (Docker, Kubernetes) and serverless computing security.
o Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or similar tools.
o Knowledge of regulatory compliance requirements such as SOC 2, GDPR, HIPAA, and how they apply to enterprise software hosted in the cloud.
Certifications:
o Certified Information Systems Security Professional (CISSP)
o Certified Cloud Security Professional (CCSP)
o AWS Certified Security Specialty, Azure Security Engineer, or equivalent certifications.
o Other relevant certifications (e.g., CISM, CISA) are a plus.

Soft Skills:
o Strong problem-solving and analytical skills with the ability to assess and mitigate cloud security risks.
o Excellent written and verbal communication skills, with the ability to explain complex security concepts to technical and non-technical stakeholders.
o Collaborative mindset, able to work cross-functionally with engineering, operations, and product teams.
o Detail-oriented, with a commitment to maintaining high security standards in all aspects of the enterprise software.

Additional Information:
Work Environment:
o This role can be based in Bangalore
o Occasional travel may be required for client meetings or industry conferences.
Compensation:
o Competitive salary and benefits package, including health insurance.

Additional Information:
Work Environment: Based at the office in Bangalore. Occasional travel required.
Compensation: Competitive salary and benefits