Azure Cloud Security Lead

Description

Contribute to the object of Cloud Security Governance-Monitoring -“a continuous process of cloud security improvement and adaptation to reduce the likelihood of a successful attack”.

Should assess/review the process, procedure, policy of all the domain controls deployed in the cloud.

Should perform internal reviews for CSPM/SSPM/CWPP/CIEM policies which include

·      Configuration baseline and compliance to standards review

·      Exceptions review

·      Auto remediation review

 Few common scenarios to consider but not limited to

• Lack of encryption on databases or data storage
• Lack of encryption on application traffic
• Improper encryption key management such as not rotating keys regularly
• Overly liberal account permissions
• No multi-factor authentication enabled
• Misconfigured network connectivity
• Data storage exposed directly to the internet
• Logging is not turned on to monitor critical

Qualifications and Primary Responsibilities:

·      5 years related work experience with a preference for Azure Cloud security.

·      Work location is Hyderabad. Need to support for 24/7 operation on rotation basis.

·      Experience with Cloud Security Posture Management tools (CSPM) systems.

·      Experience working with cloud security and governance tools such as CSPM, cloud access security brokers (CASBs) technologies, Container Security, Cloud Workload Protection Platform (CWPP), cloud infrastructure entitlement management (CIEM)

·      Experience with enterprise applications (architecture, development, support, and troubleshooting)

·      In-depth knowledge of configuration Benchmarks for clouds.

·      Possess a firm understanding of the offerings and capabilities within Azure, GCP, OCI, AWS clouds.

·      Assess architecture of cloud to assure configuration compliance

·      Assess Controls to assure quality in cloud

·      Assess a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.

·      Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, Open ID, etc.)

·      CSPM: Integration of accounts, configuration of custom policies (RQL), alert rules, monitoring alerts in PrismaCloud

·      Defining Cloud Goverence policies and Framework based on Industry Standard guidelines like CIS, ISO, PCI DSS etc.

·      Detailed Cloud Architectures validation.

·      CASB evaluation and SaaS Application evaluation at Org level.

·      Cloud Security Posture Management (CSPM) and CWPP Monitoring and evaluation.

·      Defining strategies to improve Org level Cloud compliance score.

·      Preparation of security best practices for cloud IaaS, PaaS and SaaS services.

·      Provide input and feedback on cloud/hybrid security architectures.

·      Assist in investigation and remediation of security misconfigurations and issues.

·      Consult on and provide requirements for critical projects and initiatives.

·      Ensure that the company knows as much as possible, as quickly as possible.

·      Help drive cloud security practices in IaaS PaaS and SaaS implementations.

·      Conduct security assessments to identify areas of risk and ensure any gaps are remediated

·      Create and support configuration of CSPM tool preferably Palo Alto Prisma Cloud and able to work on the integration of tool with all major cloud providers.

·      Help governance, compliance, and risk management teams to ensure the system consistently meets the requirements for benchmarks.

·      Provides clear, consistent, regular communication with all project stakeholders at all levels, including presentations to senior management, creating agendas and meeting minutes.

·      In-depth research of the latest cloud security tools, techniques and best practices and technologies to remain at the bleeding edge.

·      Create and support KPIs and KRIs that measure risk reduction and progress in cloud over time.

·      Builds a great working relationship with team members and the application teams.