Job
Description
Job Overview: We are seeking an experienced Hands-On Cloud Security Architect to secure the architecture and infrastructure of our enterprise product software deployed in the cloud. As a Cloud Security Architect, you will play a critical role in designing, implementing, and maintaining secure cloud environments for our enterprise software solutions. You will directly contribute to securing the product's cloud-based infrastructure, ensuring both security and compliance, while actively collaborating with development, DevOps, and IT teams to incorporate cloud security practices into the software development lifecycle (SDLC). This role requires a hands-on, technical approach, enabling us to maintain a secure, resilient, and scalable product platform. Key Responsibilities: Design & Implement Secure Cloud Architecture: Secure enterprise product software hosted in both public and private clouds (AWS, Azure, GCP) and integrate security controls into the architecture. Embed Security into SDLC: Collaborate with development and DevOps teams to integrate cloud security practices into the product development process, ensuring secure APIs, storage, and networking configurations. OWASP Integration: Ensure adherence to OWASP Top 10 for secure coding practices and mitigate risks like injection attacks and authentication flaws. Automate Security Controls: Configure and automate security tools for vulnerability management, patching, and incident response in cloud environments. Hybrid Cloud Security: Secure workloads across both public and private cloud resources, ensuring seamless integration and consistent security policies. Compliance & Risk Management: Ensure compliance with regulatory frameworks (SOC 2, HIPAA, GDPR) and manage security risks across the cloud infrastructure. Security Testing: Perform regular penetration testing, vulnerability assessments, and secure code reviews for cloud-hosted enterprise software. Incident Response & Monitoring: Lead monitoring efforts and respond to security incidents in real time, ensuring the security of the products cloud infrastructure. Qualifications: Education: Bachelors in Computer Science, Information Security, or related field. Advanced certifications (CISSP, CCSP, AWS Certified Security Specialty) are a plus. Experience: o 8+ years of experience in cloud security, with a focus on enterprise product software in the cloud. o At least 3+ years of hands-on experience with major cloud platforms (AWS, Microsoft Azure, or Google Cloud Platform). o Proven experience with securing enterprise software applications and cloud infrastructures. o Strong background in securing complex, large-scale software environments with a focus on infrastructure security, data security, and application security. o Hands-on experience with the OWASP Top 10 and integrating security measures into cloud applications. o Experience with Hybrid Cloud environments and securing workloads that span on-premises and public cloud platforms. Technical Skills: o In-depth experience with cloud service models (IaaS, PaaS, SaaS) and cloud security tools (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center). o Expertise in securing enterprise applications, including web services, APIs, and microservices deployed in the cloud. o Strong experience with network security, encryption techniques, IAM policies, security automation, and vulnerability management in cloud environments. o Familiarity with container security (Docker, Kubernetes) and serverless computing security. o Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or similar tools. o Knowledge of regulatory compliance requirements such as SOC 2, GDPR, HIPAA, and how they apply to enterprise software hosted in the cloud. Certifications: o Certified Information Systems Security Professional (CISSP) o Certified Cloud Security Professional (CCSP) o AWS Certified Security Specialty, Azure Security Engineer, or equivalent certifications. o Other relevant certifications (e.g., CISM, CISA) are a plus. Soft Skills: o Strong problem-solving and analytical skills with the ability to assess and mitigate cloud security risks. o Excellent written and verbal communication skills, with the ability to explain complex security concepts to technical and non-technical stakeholders. o Collaborative mindset, able to work cross-functionally with engineering, operations, and product teams. o Detail-oriented, with a commitment to maintaining high security standards in all aspects of the enterprise software. Additional Information: Work Environment: o This role can be based in Bangalore o Occasional travel may be required for client meetings or industry conferences. Compensation: o Competitive salary and benefits package, including health insurance. Additional Information: Work Environment: Based at the office in Bangalore. Occasional travel required. Compensation: Competitive salary and benefits
