14 Cspm Jobs

As a Deputy Director with over 13 years of experience in the IT industry, including 5 years of specialized expertise in Cloud Security and a thorough understanding of the SAFE Agile framework, you will play a crucial role in ensuring the security of our cloud infrastructure. Your responsibilities will encompass driving excellence in security engineering processes, managing SIEM technologies, and actively participating in the SAFE Agile transformation of our IT operations. This role demands a blend of robust technical skills, effective leadership qualities, and a comprehensive grasp of security principles and best practices. In the domain of Cloud Security Engineering, you will be tasked with designing, implementing, and overseeing cloud security architecture across major platforms such as AWS, Azure, and Google Cloud. Your role will involve leading the establishment of secure cloud environments in compliance with industry regulations like GDPR, HIPAA, and NIST. Additionally, you will be responsible for identifying and mitigating security vulnerabilities, deploying cloud-native security tools, defining security policies and compliance rules, and implementing Role-Based Access Control (RBAC), SSO, and API security measures. Your role also entails ensuring the excellence of security engineering practices within the organization. You will lead incident response and remediation efforts, collaborate with DevOps teams to bolster secure pipelines and code practices, and set Key Performance Indicators (KPIs) for security metrics. Furthermore, you will actively drive the SAFE Agile transformation process for IT security teams, ensuring security alignment with Agile principles and facilitating security integration in all development phases. In terms of collaboration and strategy, you will work closely with IT leadership to define and execute a comprehensive security strategy aligned with business objectives. You will also mentor junior security engineers, promote knowledge-sharing practices, and engage in continuous learning to stay abreast of the latest trends and best practices in cloud security, IT security, and Agile methodologies. To qualify for this role, you should possess a minimum of 13 years of IT experience, with at least 5 years dedicated to Cloud Security engineering. Additionally, experience in SAFE Agile processes and implementations, proficiency in cloud platforms and associated security services, and relevant certifications such as CISSP, AWS Certified Security Specialty, and Certified SAFe Program Consultant (SPC) will be advantageous. Strong leadership, communication, and mentoring skills are essential attributes for this role. Join us in our mission to uphold the security of our cloud infrastructure, drive security excellence, and champion Agile transformation within our IT operations.,

Keywords: Cloud Security, Kubernetes Security, SaaS Security, DevSecOps, Infrastructure as Code, CI/CD Security, CSPM, Zero Trust, Cloud-Native Security, Identity and Access Management (IAM), Secrets Management, Threat Modeling, Risk Assessment, Secure SDLC, GitOps, API Security, Container Security Role Overview: Were looking for a Cloud-Native Security Lead to drive the security strategy across our modern cloud-native stack. This role calls for a thoughtful and pragmatic engineer, someone who understands the business context, evaluates trade-offs, and proposes secure, scalable solutions. You should be comfortable navigating ambiguity, using vendor guidance as one input, not the only one, and making decisions grounded in real-world needs. Key Responsibilities: Own and evolve the cloud-native security architecture across Kubernetes, APIs, CI/CD, and serverless platforms Define and implement practical security policies, standards, and controls Partner with engineering and DevOps to embed security early in the SDLC and infrastructure as code Evaluate and integrate security tools (e.g., SAST, DAST, CSPM, secrets management, container scanning) Lead risk assessments, threat modeling, and incident response planning Promote zero-trust principles, IAM best practices, and secure service-to-service communication Mentor teams and advocate for secure-by-design thinking across the organization Ensure security measures align with the pace and priorities of a fast-moving SaaS business Required Qualifications: 7+ years of security experience, including 23 years in cloud-native environments Strong background in SaaS security, with understanding of multitenancy, data isolation, and platform risks Deep knowledge of Kubernetes, containers, cloud platforms (AWS/GCP/Azure), and DevSecOps practices Experience with infrastructure as code (Terraform, CloudFormation), CI/CD pipelines, and GitOps Strong problem-solving skills and ability to weigh business context in security decisions Excellent communication and cross-functional collaboration skills

the Role & responsibilities Develop processes and programs to improve our cloud security Consult with teams on securing their workloads in the cloud Create standards and processes to manage our cloud security posture Support incident response team during cloud incidents Assist cloud architects with security guidance

Cloud Security EngineerCloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Information Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Information Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Senior Cloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Perforce is a community of collaborative experts, problem solvers, and possibility seekers who believe work should be both challenging and fun. We are proud to inspire creativity, foster belonging, support collaboration, and encourage wellness. At Perforce, you'll work with and learn from some of the best and brightest in business. Before you know it, you'll be in the middle of a rewarding career at a company headed in one direction: upward. With a global footprint spanning more than 80 countries and including over 75% of the Fortune 100, Perforce Software, Inc. is trusted by the world's leading brands to deliver solutions for the toughest challenges. The best run DevOps teams in the world choose Perforce. Position Summary: As a Sr. SecOps Engineer at Perforce, you will be responsible for designing and optimizing the security operations for Perforce's SaaS product portfolio. Your key role involves driving the design and implementation of automated tools and technologies to ensure the security, reliability, and high availability of production and CI/CD environments, applications, and infrastructure. You will lead efforts to establish SecOps best practices across the organization, ensuring adherence to the highest security standards in all environments. Responsibilities: - Develop and implement vulnerability management practices using tools like Qualys, Lacework, Prisma, and Mend (SAST and SCA). - Manage operations/cadence in Vulnerability management, SIEM, and CSPM. - Lead efforts to ensure security incident and event management (SIEM) from code repositories to operating systems, VMs, databases, networks, and applications. - Automate security processes and workflows across CI/CD pipelines, leveraging infrastructure-as-code (IaC) and security automation tools to improve efficiency. - Drive the implementation of security hardening best practices across the infrastructure layers. - Implement and maintain secret scanning tools across CI/CD pipelines to detect and mitigate the exposure of sensitive data. - Advocate and implement security best practices in agile SDLC methodologies and DevSecOps workflows. - Collaborate closely with Developer and DevOps teams to embed security at every stage of development and deployment processes. - Lead and maintain security sprint boards, monitor tasks, and manage risks via Jira and other collaboration tools. - Schedule and run monthly SecOps cadence meetings to report on the organization's security posture, discuss ongoing projects, and address security incidents and mitigations. - Prepare and present comprehensive documentation and reports on security incidents, vulnerability assessments, and audit findings to stakeholders. - Assist with incident response planning, including the triage, investigation, and remediation of security incidents. - Stay updated on the latest security threats, tools, and methodologies to continuously improve security frameworks and policies. Requirements: - Bachelor's or master's degree in computer science, Information Security, Engineering, or a related field. - 7+ years of experience in cybersecurity, security operations, or a similar role in a SaaS/cloud environment. - Strong hands-on experience with security automation tools, vulnerability management tools, and infrastructure-as-code practices. - Proficiency in automating vulnerability scanning, patch management, and compliance monitoring processes across hybrid cloud environments. - Strong understanding of Cloud Security Posture Management (CSPM) tools and practices. - Experience with SIEM tools, secret management, and scanning in CI/CD environments. - Familiarity with hardening techniques across various platforms and driving security sprint boards. - Excellent presentation, communication, and documentation skills. - Knowledge of infrastructure-as-code frameworks and experience in automating security configurations. - Strong problem-solving skills and the ability to work under pressure in a fast-paced environment. - Continuous desire to learn and stay updated on the latest cybersecurity practices and threats. Join our team at Perforce! If you are passionate about technology, want to work with talented individuals globally, and make an impact, apply today!,

Roles and Responsibilities Provide technical support to customers via phone, email, or chat for issues related to Palo Alto firewalls, Checkpoint firewalls, Zscaler, Netskope, FortiGate, Cisco ASA firewalls, pfSense, and other security solutions. Troubleshoot complex network infrastructure issues using various tools such as Wireshark, Tcpdump, MRTG etc. Collaborate with cross-functional teams to resolve customer complaints and improve overall service delivery. Develop knowledge base articles and contribute back to the community through blog posts or documentation. Participate in on-call rotation for 24x7 support team.

Perforce is a community of collaborative experts, problem solvers, and possibility seekers who believe work should be both challenging and fun. We are proud to inspire creativity, foster belonging, support collaboration, and encourage wellness. At Perforce, you'll work with and learn from some of the best and brightest in business. Before you know it, you'll be in the middle of a rewarding career at a company headed in one direction: upward. With a global footprint spanning more than 80 countries and including over 75% of the Fortune 100, Perforce Software, Inc. is trusted by the world's leading brands to deliver solutions for the toughest challenges. The best run DevOps teams in the world choose Perforce. Sr Director of Cloud Operations at Perforce is searching for a Sr. SecOps Engineer to design and optimize the security operations for Perforce's SaaS product portfolio. In this key role, you will drive the design and implementation of automated tools and technologies to ensure the security, reliability, and high availability of our production and CI/CD environments, applications, and infrastructure. You will lead the efforts to establish SecOps best practices across the organization, ensuring that all environments adhere to the highest security standards. Responsibilities: - Develop and implement vulnerability management practices using tools such as Qualys, Lacework, Prisma, and Mend (SAST and SCA). - Experience in managing operations/cadence in Vulnerability management, SIEM, and CSPM. - Lead efforts to ensure security incident and event management (SIEM) from code repositories to operating systems, VMs, databases, networks, and applications. - Automate security processes and workflows across CI/CD pipelines, leveraging infrastructure-as-code (IaC) and security automation tools to eliminate manual work and improve efficiency. - Automate the detection and mitigation of security threats by integrating SIEM tools with incident response workflows. - Drive the implementation of security hardening best practices across the infrastructure, including OS, network, application, and database layers. - Implement and maintain secret scanning tools across CI/CD pipelines to detect and mitigate the exposure of sensitive data. - Advocate and implement security best practices in agile SDLC methodologies and DevSecOps workflows. - Collaborate closely with Developer and DevOps teams to ensure security is embedded at every stage of the development and deployment processes. - Lead and maintain security sprint boards, monitor tasks, and manage risks via Jira and other collaboration tools. - Schedule and run monthly SecOps cadence meetings to report on the organization's security posture, discuss ongoing projects, and address security incidents and mitigations. - Prepare and present comprehensive documentation and reports on security incidents, vulnerability assessments, and audit findings to technical and non-technical stakeholders. - Assist with incident response planning, including the triage, investigation, and remediation of security incidents. - Stay updated on the latest security threats, tools, and methodologies, and continuously improve the security frameworks and policies of Perforce. Requirements: - Bachelor's or master's degree in computer science, Information Security, Engineering, or a related field. - 7+ years of experience in cybersecurity, security operations, or a similar role in a SaaS/cloud environment. - Strong hands-on experience with security automation tools and practices for CI/CD pipeline integration and infrastructure-as-code (IaC). - Hands-on experience with vulnerability management tools such as Qualys, Prisma, Lacework, and Mend (SAST/SCA). - Development/Automation experience to automate the workflows, security operations/tooling by using Python/Ruby/Go. - Proficient in automating vulnerability scanning, patch management, and compliance monitoring processes across hybrid cloud environments. - Strong understanding of Cloud Security Posture Management (CSPM) tools and processes. - Experience with SIEM tools and security monitoring best practices. - Proficient with secret management and scanning in CI/CD environments. - Familiarity with hardening techniques across various platforms (Linux, Windows, network, databases, etc.). - Proficient in driving security sprint boards using Jira or other task management tools. - Excellent presentation and communication skills, with experience in running security meetings and cadence discussions. - Strong documentation skills to ensure security processes and incidents are thoroughly recorded. - Knowledge of infrastructure-as-code frameworks such as Terraform, Ansible, or similar, with experience automating security configurations a plus. - Strong problem-solving skills and the ability to work under pressure in a fast-paced environment. - Continuous desire to learn and stay updated on the latest in cybersecurity practices and threats. If you are passionate about the technology that impacts our day-to-day lives and want to work with talented and dedicated people across the globe, apply today!,

Role Summary We're seeking an experienced Cloud Security Engineer with strong expertise in Azure and GCP platforms. In this role, you'll work at the intersection of cybersecurity and cloud engineering, focusing on implementing security recommendations from Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) solutions. Key Responsibilities Analyze and prioritize security findings from CSPM and CNAPP tools across Azure, GCP and AWS environments Coordinate and execute remediation activities with cloud engineering teams to address identified vulnerabilities Lead the deployment, configuration, and maintenance of CSPM and CNAPP solutions Develop and implement security automation to streamline remediation processes Create and maintain cloud security documentation, including policies, procedures, and architectural diagrams Participate in security incident response for cloud-related events Provide cloud security expertise during new service deployments and architecture reviews Stay current with evolving cloud security best practices, threats, and compliance requirements Qualifications 4+ years of experience in cloud security across Azure and GCP platforms Demonstrable experience with CSPM and CNAPP tools and methodologies Strong understanding of cloud-native security controls, including IAM, encryption, network security, and logging/monitoring Proficiency in security automation using tools like Terraform, Azure ARM templates, or GCP Deployment Manager Experience with Kubernetes and other containerisation technologies Experience with cloud security frameworks and compliance standards (e.g., CIS, NIST, SOC2) Strong knowledge of DevSecOps principles and practices Excellent communication skills to effectively coordinate with various technical teams Preferred Skills Relevant security certifications (e.g., CCSP, Azure Security Engineer, GCP Professional Cloud Security Engineer) Experience with container security and Kubernetes environments Familiarity with cloud security APIs and CLI tools Background in security architecture or engineering Experience with cloud infrastructure as code (IaC) security scanning

What You'll Do Join us in building a secure, scalable, and experienced platform to support Avalara's expanding business and global customer base. As a Senior Application Security Engineer , you'll work with world-class engineers and architects to ensure security is embedded in everything we buildboth in today's systems and the future of our architecture. This role is perfect for someone passionate about automation, cloud-native security, and AI-driven application defense . You'll help shape the future of Avalara Security , driving security as code, ensuring automation-first practices, and integrating modern AI tooling into security workflows. You understand the value of developer empathy, moves quickly without sacrificing quality, and excels in an environment that combines startup energy with enterprise scale. Job Responsibilities You will build, maintain, and continuously improve an automated security pipeline framework integrated into our CI/CD environments. You will lead development of Infrastructure-as-Code and Policy-as-Code for application security enforcement and consistency across environments. You will evaluate and integrate security tools (SAST, DAST, SCA, CSPM, EDR) and AI-based solutions into engineering workflows and CI/CD pipelines. You will provide applicable guidance and mentorship to development and Avalara Security engineering teams on secure development best practices. Investigate, prototype, and apply AI/ML-based solutions for application behavior analysis, anomaly detection, and threat hunting. Promote security by design across the organization, and help foster a security-first culture. Contribute to the continuous refinement of the SDLC to ensure security is smooth, consistent, and measurable. What You'll Need to be Successful Required Qualifications 8+ years of experience in application security, secure software development , or security engineering. Strong programming proficiency in Python and GoLang (hands-on). Experience with secure SDLC practices and CI/CD pipeline integration. Strong hands-on experience with Kubernetes , container security, and cloud infrastructure security preferably AWS and GCP . Experience with Infrastructure-as-Code (IaC) tools like Terraform or CloudFormation. Working knowledge of cryptographic protocols and standards: TLS, OAuth, SAML, JWT , etc. Familiarity with Git , modern source control practices, and agile development methodologies. Experience working with a broad range of security tools , including: Tenable , Wiz (Cloud Security Posture Management) Checkmarx , Mend (SAST, SCA) Acunetix , Burp Suite (DAST) CrowdStrike (EDR/XDR) Bachelor's Degree in Computer Science, Engineering, or a related field. Proven experience contributing to security automation efforts within a security organization like Avalara Security . Experience with AI/ML tools and frameworks applied to application security or behavior analytics. Security certifications such as OSWE, CSSLP, AWS Security Specialty, or Kubernetes Security Specialist. Passion for enabling developer-friendly security solutions and maximum automation.

Roles & Responsibilities:- Design and implement secure AWS cloud architectures aligned with business and compliance requirements. Automate security controls and integrate them into CI/CD pipelines Manage and monitor AWS security tools such as GuardDuty, Security Hub, and CloudTrail Develop and enforce IAM policies using least privilege principles Conduct threat modeling, vulnerability assessments, and cloud security posture evaluations Ensure compliance with standards like SOC 2, ISO 27001, and NIST Support audit readiness and implement risk treatment plans Collaborate with DevOps teams to embed security in cloud deployments Promote DevSecOps culture across development and operations teams Create and maintain security-as-code using CloudFormation, Terraform, and scripting Automate detection, remediation, and incident response processes Provide security guidance during cloud migrations and new service adoptions Qualification:- Bachelors in Cybersecurity, Computer Science, or related field (Masters preferred) 7+ years in cybersecurity, with 5+ years in cloud security Strong expertise in AWS security tools (GuardDuty, Security Hub, IAM, KMS, CloudTrail) Familiar with cloud security frameworks (AWS Well-Architected, NIST CSF, CSA CCM) Experience in securing CI/CD pipelines and implementing IaC security (CloudFormation/Terraform) Hands-on with CSPM tools and automated security validation Deep understanding of IAM principles and DevSecOps practices Proficient in scripting (Python, Bash) for automation Strong knowledge of network, container, and serverless security Excellent communication skills (verbal and written) Certifications: AWS Security Specialty, CCSP, CISSP, or equivalent Preferred Qualifications :- Experience with multi-cloud (AWS, Azure, GCP) security Understanding of regulatory frameworks (e.g., GDPR, HIPAA, ISO) Hands-on with container security (Docker, Kubernetes, ECS/EKS) Experience with Zero Trust security models in cloud Familiarity with automated incident response and cloud-native tools Knowledge of Hashicorp Vault or similar tools for secrets management Experience securing data lakes and analytics platforms Worked with CWPP and serverless security best practices Cloud security experience in energy efficiency/sustainability domains Experience in cloud threat modeling and collaborating with global teams

Role & responsibilities Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Must have worked on Palo Alto Prisma cloud Experience in cloud security and understanding of basic principles Experience in CSPM, CIEM, and CWP Knowledge of cloud service providers (majorly Azure and GCP) and their technologies Mandatory skill sets: Palo Alto Prisma Cloud Preferred skill sets: CSPM , CIEM , CWP , Azure & GCP

Job Title: Cloud Security Department: Technology Consulting Location: Gurgaon Overview: We are seeking a highly skilled and experienced Cloud Security Manager to join our team. The ideal candidate will be responsible for overseeing the development, implementation, and maintenance of cloud security measures to protect the organization's cloud-based assets. The Cloud Security Manager will work closely with various teams to ensure compliance with industry standards and regulatory requirements. Key Responsibilities: Develop and implement cloud security policies and procedures to protect the organization's cloud-based assets Monitor and analyze security vulnerabilities and threats in the cloud environment Conduct regular security assessments and audits to identify and address potential risks Collaborate with cross-functional teams to ensure compliance with industry standards and regulatory requirements Manage incident response and resolution processes related to cloud security incidents Stay up-to-date on the latest security trends and technologies to enhance the organization's cloud security posture Qualifications: Bachelor's degree in Computer Science, Information Technology, or related field Certified Network Associate in Cloud Security (CNAPS) certification Certified Security Professional Manager (CSPM) certification Minimum of X years of experience in cloud security management in a large enterprise environment Strong knowledge of cloud security best practices, tools, and technologies Excellent communication and interpersonal skills Ability to work effectively in a fast-paced and dynamic environment