Designation - Sr. Lead - Cloud Security
Experience - 8 - 12 years
Location - Remote(India)
Essential skills:
- Cloud security framework; Strong scripting skills with PowerShell and
experience managing Linux systems.
- Solid understanding of version control tools, particularly Git.
- Experience with cloud platforms, including AWS, Azure and GCP.
- Problem solving and troubleshooting skills.
Desired skills:
- Good communication skills
- Experience with Docker and container orchestration tools.
- Knowledge of microservices architecture and related best practices.
Summary:
Resource must exhibit strong trouble shooting and problem-solving skills along with knowledge of cloud architecture, security features, and cloud platforms such as AWS. Resource must be well-versed with incident management; must have information security auditing experience.
Roles & Responsibilities:
Security Integration in DevOps Pipelines:
● Embed security tools and practices in CI/CD pipelines to detect
and mitigate vulnerabilities.
● Implement static and dynamic code analysis, vulnerability
scanning, and container security checks.
Infrastructure Security:
● Design and implement secure infrastructure leveraging cloud
services and Infrastructure as Code (IaC).
● Ensure configuration management for servers and cloud
environments meets security standards.
Automation and Monitoring:
● Automate security testing and monitoring processes to maintain
compliance and reduce manual intervention.
● Develop and maintain monitoring systems to detect anomalies
and security breaches.
Collaboration and Training:
● Collaborate with cross-functional teams to address security
concerns during software development and deployment.
● Provide training and awareness on secure coding practices and
DevSecOps tools.
Incident Management:
● Respond to security incidents, conduct root cause analysis, and
implement preventive measures.
● Maintain and test incident response plans.
Compliance and Governance:
● Ensure systems adhere to regulatory requirements and industry
best practices.
● Conduct periodic security audits and assessments to maintain
compliance.
● Considering dependencies, relationships, and integration points
to ensure proper solution integration with other systems when
applicable
● Responsibility for compliance with applicable industry standards,
corporate policies and procedures
● Maintaining high-level of client satisfaction
● Leveraging knowledge and experience of technical
implementation related to IT Infrastructure Library (ITIL)
processes, workflow customization, ticketing, process
automation, report development, dashboard creation, and
system configurations
Essential Experience:
● Solid experience in software development and operations,
with a focus on security.
● Strong knowledge of DevOps principles and practices,
including CI/CD pipelines, version control systems, and
automated testing frameworks.
● Proficiency in scripting and automation using languages such
as Python, Ruby, or PowerShell.
● Familiarity with cloud platforms and services (e.g., AWS,
Azure, GCP) and their security considerations.
● Experience with containerization technologies (e.g., Docker,
Kubernetes) and associated security practices.
● Knowledge of security frameworks and standards (e.g.,
OWASP, NIST, ISO 27001) and their application in software
development.
● Understanding of secure coding practices and common
vulnerabilities (e.g., OWASP Top 10) and their mitigation
techniques.
● Strong analytical and problem-solving skills, with the ability
to identify and address security risks and incidents
effectively.
Desired Experience:
● Excellent communication and collaboration skills, with the
ability to work effectively with cross-functional teams and
stakeholders.
● Knowledge of microservices architecture and related best
practices
Certifications, if any:
AWS Security, CEH, ISO 27001