Job Description

Job Title : Hands-On Cloud Security Architect Location : Bangalore Job Type : Full-Time Department : Cloud, Information Technology / Security Reports To : CTO Job Overview : We are seeking an experienced Hands-On Cloud Security Architect to secure the architecture and infrastructure of our enterprise product software deployed in the cloud. As a Cloud Security Architect, you will play a critical role in designing, implementing, and maintaining secure cloud environments for our enterprise software solutions. You will directly contribute to securing the product's cloud-based infrastructure, ensuring both security and compliance, while actively collaborating with development, DevOps, and IT teams to incorporate cloud security practices into the software development lifecycle (SDLC). This role requires a hands-on, technical approach, enabling us to maintain a secure, resilient, and scalable product platform. Key Responsibilities : - Design & Implement Secure Cloud Architecture : Secure enterprise product software hosted in both public and private clouds (AWS, Azure, GCP) and integrate security controls into the architecture. - Embed Security into SDLC : Collaborate with development and DevOps teams to integrate cloud security practices into the product development process, ensuring secure APIs, storage, and networking configurations. - OWASP Integration : Ensure adherence to OWASP Top 10 for secure coding practices and mitigate risks like injection attacks and authentication flaws. - Automate Security Controls : Configure and automate security tools for vulnerability management, patching, and incident response in cloud environments. - Hybrid Cloud Security : Secure workloads across both public and private cloud resources, ensuring seamless integration and consistent security policies. - Compliance & Risk Management : Ensure compliance with regulatory frameworks (SOC 2, HIPAA, GDPR) and manage security risks across the cloud infrastructure. - Security Testing : Perform regular penetration testing, vulnerability assessments, and secure code reviews for cloud-hosted enterprise software. - Incident Response & Monitoring : Lead monitoring efforts and respond to security incidents in real time, ensuring the security of the product's cloud infrastructure. Qualifications : - Education : Bachelor's in Computer Science, Information Security, or related field. Advanced certifications (CISSP, CCSP, AWS Certified Security Specialty) are a plus. - Experience : 8+ years of experience in cloud security, with a focus on enterprise product software in the cloud. - At least 3+ years of hands-on experience with major cloud platforms (AWS, Microsoft Azure, or Google Cloud Platform). - Proven experience with securing enterprise software applications and cloud infrastructures. - Strong background in securing complex, large-scale software environments with a focus on infrastructure security, data security, and application security. - Hands-on experience with the OWASP Top 10 and integrating security measures into cloud applications. - Experience with Hybrid Cloud environments and securing workloads that span on-premises and public cloud platforms. Technical Skills : o In-depth experience with cloud service models (IaaS, PaaS, SaaS) and cloud security tools (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center). - Expertise in securing enterprise applications, including web services, APIs, and microservices deployed in the cloud. - Strong experience with network security, encryption techniques, IAM policies, security automation, and vulnerability management in cloud environments. - Familiarity with container security (Docker, Kubernetes) and serverless computing security. - Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or similar tools. - Knowledge of regulatory compliance requirements such as SOC 2, GDPR, HIPAA, and how they apply to enterprise software hosted in the cloud. Certifications : - Certified Information Systems Security Professional (CISSP) - Certified Cloud Security Professional (CCSP) - AWS Certified Security Specialty, Azure Security Engineer, or equivalent certifications. - Other relevant certifications (e.g., CISM, CISA) are a plus. Soft Skills : - Strong problem-solving and analytical skills with the ability to assess and mitigate cloud security risks. - Excellent written and verbal communication skills, with the ability to explain complex security concepts to technical and non-technical stakeholders. - Collaborative mindset, able to work cross-functionally with engineering, operations, and product teams. - Detail-oriented, with a commitment to maintaining high security standards in all aspects of the enterprise software. Additional Information : Work Environment : - This role can be based in Bangalore - Occasional travel may be required for client meetings or industry conferences. Compensation : - Competitive salary and benefits package, including health insurance