Job
Description
Job_Description":" CloudNative Security Consultant Description of Role: The Security Consultant should have a strongunderstanding of the emerging security practices and standards. Should be ableto consult, engineer and apply security best practices while designing andproposing solutions to our enterprise customers. Should be able to conductsystem security, vulnerability analysis and risk assessment, identify securitygaps, identify integration issues, study architecture/platform and designsecurity architecture. A Cloud Native SecurityConsultant undertakes complex work of a high-risk level,often working on several projects. In this role, you will: Interact with senior stakeholders acrossdepartments Reach and influence a wide range of people acrosslarger teams and communities Research and apply innovative security architecturesolutions to new or existing problems and be able to justify and communicatedesign decisions Develop vision, principles, and strategy forsecurity architects for one project or technology Work out subtle security needs Understand the impact of decisions, balancingrequirements and deciding between approaches Produce patterns and support quality assurance Be the point of escalation for architects inlower-grade roles Lead the technical design of systems and services Qualifications/Experience: Bachelordegree in any stream. Minimum3 years of working experience in Cyber Security Consulting or Advisory. Successfullydelivered at-least 2 (two) Cyber Security consulting and implementationprojects as consultant in recent years (2 years). Certification: Preferred Certification: GIAC Cloud Security Automation (GCSA) Certified Kubernetes Security Specialist (CKS) Certified DevSecOpsProfessional (CDP) KUBERNETES AND CLOUDNATIVE ASSOCIATE (KCNA) OEM certification on CNAPP security products (e.g., Palo Alto Prisma,Checkpoint Cloudguard, Aqua Security etc.) Cloud ServiceProvider Security Certificates (e.g., SC-100, AWS Certified Security-Specialty,GCP Professional Cloud Security Engineer) Pen Tester certification (LPT/ OSCP/GPEN) Certified Security -Specialty **Certification should be valid Responsibilities Belowwill be the scope of the role Collaboratewith teams to build deliver solutions implementing serverless,microservices based, IaaS, PaaS and containerized architecture of multi cloudenvironment Developrule base and parameterized IaC templates for automated deployment usingTerraform BuildCI/CD Pipeline using AWS (CodeBuild, CodeDeploy, CodePipeline), Google (CloudBuild), Azure (DevOps, Pipelines) Integrate3 rd party tool with CICD Process (e.g. SonarQube, CheckMarx, Embold) ConfigManage environment using industry standard DevOps tools (Ansible) Implementscripting to extend build\\deployment\\monitoring process (PowerShell, Bash,Python) Abilityto develop IaC with Terraform Strongunderstanding on Cloud Networking Container,Microservices, Docker, Kubernetes security. NetworkSecurity Orchestration on Microservices environment SecureMicroservice Communication, Secure Authentication to Common DB withoutAPI/password/sharing keys Technicaldocumentation, Product evaluation, POC. Implementation,Migration and Architect of Security Technology and Solution DevOps,DevSecOps and SRE (site reliability Engineering) mindset Knowledge and Skills Candidateshould have experience in the below domains Hands on experience with Cloud Native Application protection CNAPP Tools(Prisma Cloud by Palo Alto, Checkpoint Cloud Guard, Aqua Security) Hands on experience with Automation Tools (e.g., Ansible, Chef, Puppet) Experienced withApplication migration from Monolithic to Microservices Architecture Web ApplicationFirewall implementation experience at Kubernetes and API Gateway Experiencewith implementation of Vulnerability scanner and Container Image repositoryhardening Welldepth understanding on AWS, AZURE, GCP offered services (EKS, AKS, GKE) Understandingand review of Infrastructure as Code (IaC), Compliance as Code (CaC) Updatedwith trends and participation of industry recognized forum (e.g., Cloud NativeComputing Foundation) Experienced withdeliverables on Cloud Security Posture
