Cloud Security Engineer

Position Summary:

Your role will be working on leading the security strategy governing the application and cloud-based platform infrastructure

You will work with other infrastructure, DevOps and application engineers to understand product and business needs, provide expertise around Secure application and cloud service development, as well as define and own clear guardrails, alerts, and Security as Code (SaC) deployments to provide 24/7 protection from malicious traffic, vulnerabilities and other attack vectors

Responsibilities:

Support cross-team security initiatives of internal teams and consult with teams on security in design

Engineer and tune the cloud security solutions including but not limited to enrollments, monitoring, alerting and maintaining defined security posture

Designing a secure application-release automation process to make security an integral part of the CI/CD pipelines and Integrate security tools for issue tracking with Jira

Identifying security tools and leading operationalization of solutions from POC to Production

Implementing automation to investigation and response workflows for Automated Incident Response

Reduce time-to-detect and time-to-remediate by driving the automation of applied threat intelligence and sensor enrichment

Work with Architecture teams to Implement a identity management ecosystem holistically and create a secure infrastructure, Enforce compliance with IAM principals including least privilege access, password management, Audit logging, RBAC, deploy and maintain password management, user account lifecycle, certificate management and system authentication solutions

improve Web App Firewalls (WAF), Ensure early Identification of intrusion & attacks and implement countermeasures

Implement security measures that monitor and protect sensitive data and systems from infiltration and cyber-attacks

Work with cloud providers to obtain understanding of security controls, ensure controls are leveraged

Develop innovative security controls to protect assets across a complex environment

Administer a wide and interesting range of security platforms and systems

Implement security orchestration and automation in support of security operations

Stay abreast of emerging technologies and threats proactively assess and evaluate the adoption thereof into the organization

Act as a first-responder for security-related incidents

Strong commitment to standardization and documentation

Skills and Experience Required:

At least 5+ years of total experience in Cyber security including Incident response, Engineering, Cloud architectures, Tuning etc, At least 3+ years of experience and hands-on expertise in tuning of network sensors like SIEM, DDOS, WAF, Cloud Security and/or Opensource development

Must have proficiency with scripting languages (Batch scripting, Python and Ansible)

Must have experience in Monitoring and improving DevSecOps tools and processes, automate routine tasks, improve system reliability and should be from the strong information security background

Must have hand on experience with Linux/Unix systems

Experience in developing and reviewing hardening guidelines for various Linux and Unix Operating systems in line with the industry best practices

Understanding of security frameworks and standards like OWASP & NIST, Solid understanding of security protocols, cryptography, authentication, authorization

Good understanding of Linux, TCP/IP protocol stack and networking fundamentals, security principles at all layers of the OSI stack

Detail understanding of Network Technologies Routers, switches, Load Balancers,firewalls, proxy etc, Should have broad technical foundation and be able to understand network, operating system, database and application development design and support as necessary to be able to analyse issues and recommend solutions for the detection, remediation and prevention of security vulnerabilities

Experience in designing and reviewing security controls for Public cloud based deployments

Experience of implementing any cloud based SIEM Tools will be an advantage

Experience with PKI, SSL, SSH, HHTPS etc, Knowledge of RESTful web services (client – server application)

Hands on knowledge of Automation skills, Dev-Ops skills etc,

Software development domain and principles, including design patterns, code structure, programming languages, continuous integration (Bitbucket), continuous deployment (Jenkins), and deployment orchestration (Puppet, Ansible, or equivalent)

Qualifications

Bachelor degree in a technical field such as computer science, computer engineering

Minimum experience: 10 yrs

in technology field out of which 5-6 yrs in Devsecops