27 Cspm Jobs

As a Cloud Security Architect at Happiest Minds Technologies, you will be responsible for ensuring the secure deployment and management of private and public cloud environments, virtualized infrastructure, and containerization platforms. Your expertise in encryption, hashing, and networking protocols will be crucial in implementing and maintaining cloud security solutions. You will also work hands-on with AWS/Azure security services, IaC (Terraform), and deployment models to enhance the security posture of the organization. Key Responsibilities: - Implement encryption, hashing, and networking protocols to secure cloud environments - Deploy and manage cloud infrastructure using AWS/Azure services - Utilize IaC (Terraform) for automating cloud deployment processes - Collaborate with cross-functional teams to integrate security solutions across different technologies and platforms - Stay updated with the latest cloud security technologies and best practices - Obtain relevant OEM certifications (VMware/Azure/GCP/AWS/OCI) and additional technical certifications (CISA/CISM/CISSP/CompTIA Security+) to enhance your expertise Qualifications Required: - 12-16 years of experience in cloud security architecture - Hands-on experience with Azure, AWS, GCP, VMware Cloud Foundation, and OCI - Proficiency in Tanzu Kubernetes Grid, Openshift, and Devsecops methodologies - Familiarity with CASB, CSPM, CWPP, CNAPP, micro-segmentation, and virtualization/containerization technologies - Strong understanding of high availability concepts in cloud environments Join Happiest Minds Technologies as a Cloud Security Architect and contribute to building secure and resilient cloud infrastructure for our clients.,

Role & responsibilities : Perform comprehensive security reviews of infrastructure, applications, and cloud deployments. Analyze and assess security configurations across Cloud environments (Azure, AWS and GCP) Monitor and evaluate security alerts and incidents, collaborating with SOC teams for resolution. Conduct targeted security assessments of cloud-hosted assets to identify misconfigurations, enforce compliance, and improve operational security posture. Provide recommendations to improve security posture and reduce risk exposure Utilize Cloud Security tools to assess and remediate vulnerabilities. Cyber security reviews of cloud-hosted assets, including infrastructure resources, applications and associated configurations. Develop and maintain security documentation, including review reports and risk assessments. Collaborate with cross-functional teams to embed security best practices. Stay updated on emerging threats, vulnerabilities, and compliance requirements. Automate routine security tasks using scripting or orchestration tools (e.g., Python, PowerShell, Terraform). Administer and manage Cloud Security Posture Management (CSPM) tools including Microsoft Defender for Cloud (MDC), Prisma Cloud, Wiz, etc. Primary skills: MDC (Microsoft Defender for Cloud and Prisma Cloud. Experience on Wiz is a plus. Integrate security controls into CI/CD pipelines (DevSecOps) Knowledge around IAM concepts and reviews of least privilege access across cloud and enterprise systems. Perform/Familiarity around container security assessments (Kubernetes, Docker, Sandbox) and ensure secure configurations. Apply cloud security frameworks and best practices (e.g., CSA CCM, Azure Security Benchmark) Leverage AI/ML-based threat detection tools to enhance security operations and reduce false positives. Preferred candidate profile 58 years of experience in Cybersecurity, with a focus on security reviews and operations. Hands-on experience with Cloud Security Posture Management (CSPM) tools such as Microsoft Defender for Cloud, Prisma Cloud, Wiz, etc. Hands-on experience in cloud security operations, cloud asset reviews, including infrastructure, applications, resources and associated configurations. Proficiency in cloud-native security solutions across Microsoft Azure, AWS, or GCP. Familiarity with vulnerability scanners (Qualys, Tenable), SIEM platforms (Splunk, Sentinel), and ticketing systems (ServiceNow), SecOps. Strong understanding of networking protocols, Firewalls, IDS/IPS, NSG, NACL , DDOS, VPN and WAF technologies. Deep understanding of Cyber Security Standards and Frameworks such as NIST 800-61R2, OWASP, CIS. Experience with incident response workflows. Excellent analytical, communication, and documentation skills Mandatory certifications: SC-100/ SC-200/ AZ-500/ ISC2 CC/ CompTIA Security+ or equivalent. Additional certifications like CEH, CCSP, CISA, CRISC, CISM are a plus.

As a member of our Information Technology team in Hyderabad, you will play a crucial role in driving security excellence across our technology stack to enable business innovation. Your responsibilities will include owning critical security platforms, monitoring security systems for real-time anomalies, and collaborating with internal stakeholders to enhance security outcomes. Additionally, you will be expected to assess and prioritize security risks aligned with business impact, contribute to security strategy development, and drive automation of security tasks. To excel in this role, you should have at least five years of experience in cybersecurity, with demonstrated expertise across multiple security domains such as network, cloud, application, identity, etc. You must have a track record of owning security outcomes end-to-end, translating technical risks into business language, and influencing stakeholders without direct authority. Technical breadth, an ownership mindset, and the ability to drive measurable security risk reduction will be key to your success. Experience with AI security practices, Shift Left Security practices, cloud security configuration, and monitoring tools like CSPM and CNAPP will be advantageous. Proficiency in using tools such as Terraform, Azure ARM templates, or GCP Deployment Manager will also be beneficial for this role. Success in this position will be defined by your ability to proactively identify security issues, drive operational excellence, and contribute to building a strong security culture within the organization. As a self-aware, agile, and innovative individual, you will leverage diversity in tasks and projects, taking responsibility for yourself and others. Your exceptional execution skills, achievement focus, and ability to set clear objectives aligned with performance goals will be crucial in achieving desired outcomes. You should also be adept at facilitating challenging performance conversations in a timely and appropriate manner to drive continuous improvement in security capabilities.,

About the Role: Drive security excellence across our technology stack whilst enabling business innovation. This role demands a generalist mindset with deep expertise, combining hands-on technical capability with strategic thinking to protect and enable Quantium's data-driven business. Key Responsibilities: Security Platform Ownership : end-to-end responsibility for critical security platforms Detection and Response : real-time monitoring of security systems and applications, investigating anomalies, and escalating critical events to senior security and IT staff Risk-based decision making: independently assess, prioritise and remediate security risks aligned to business impact Cross-domain security : impact across multiple domains such as cloud security, application security, infrastructure security initiatives, detection and response etc. Collaborate: Partner with internal stakeholders to improve security outcomes, as well as with internal development teams to build pragmatic security solutions Drive automation of repetitive security tasks Show strong ownership of security issues and work to resolve and escalate where needed Contribute to security strategy and roadmap development\ Experience, Education & Skills: Demonstrated experience across at least 3 security domains (network, cloud, application, identity, AI, offensive, defensive, response, forensics etc.) Five years of experience in cybersecurity Track record of owning security outcomes end-to-end Experience translating technical risks into business language Provide ability to influence without authority Technical breadth Ownership mindset The Following Skills and Experience Would Be an Advantage: Experience with AI Security practices and securing AI/ML systems Experience with Shift Left Security practices, including secure coding, DevSecOps, and security integration in CI/CD pipelines Experience with Cloud (Azure, GCP, AWS) Security configuration, and monitoring Experience with CSPM and CNAPP tools and methodologies Using tools like Terraform, Azure ARM templates, or GCP Deployment Manager What Does Success Look Like? Drive measurable security risk reduction Proactive identification of issues and continuous improvement of security capabilities Help build a strong security culture Ensure operational excellence Key People and Leadership Capabilities: 1. Self-aware - you leverage diversity across people, tasks, and projects, taking responsibility for self and others. 2. Agile and innovative - you possess strong lateral thinking skills. 3. Achieve and perform - you have exceptional execution skills and are achievement focused. 4. Purposeful and aligned - you can set clear, tangible objectives which deliver against your performance objectives. 5. Achievement oriented - you effectively facilitate challenging performance related conversations in a timely and appropriate manner.

In our always on world, it is essential to have a genuine connection with the work you do. If you are excited by a challenge and driven by learning and growth, then joining CommScope's cybersecurity team in Hyderabad may be the right next step for you. As a Cyber Security Engineer at CommScope, you will serve as a key individual contributor on the Security Architecture and Engineering team. Your responsibilities will include designing, implementing, maintaining, monitoring, and managing key technical security systems/controls that protect the business. Success in this role will require a foundational understanding of technology stacks, security tooling, and securing cloud environments such as Azure, GCP, and AWS. Ideal candidates will be willing to enhance their technical skills by working on a broad range of security technical controls in an environment where their contribution will make a difference. Your work will play a critical role in our organization's cyber security success. CommScope's security team takes pride in protecting the people, processes, and technologies that serve our customers, ensuring billions of connections each day. Join us and pursue your personal best! As a Cyber Security Engineer at CommScope, you will: - Implement, maintain, monitor, and manage cyber security systems and controls. - Deliver projects on time, within budget, and in accordance with service level agreements (SLAs). - Collaborate with various teams including architects, senior engineers, the security operations center (SOC), incident responders, and technology infrastructure and development team members. - Participate in change management meetings and conduct performance and efficacy testing of security solutions. - Collaborate with team members to develop technical security standards and best practices. - Articulate common practices and tactics used by malicious software and threat actors to other IT teams. - Assist the Governance, Risk, and Compliance team in answering technical questions from auditors and clients. Required Qualifications: - A bachelor's degree with preferably 4+ years of cyber security experience. - Hands-on experience in implementing and supporting at least 2 security capabilities. - Previous professional experience in other IT/technical domains and strong communication skills. - Analytical and critical thinking skills. - Strong interpersonal, written, and oral communication skills. - Customer service and solution-focused orientation. - Ambitious, disciplined, and self-starter. Desired Skills: - Hands-on experience with a major public cloud provider like Azure, AWS, or GCP. - Significant familiarity with Azure security controls and services. - Familiarity with Netskope and Palo Alto Networks firewalls. Join CommScope on a quest to deliver connectivity that empowers how we live, work, and learn. Push the boundaries of communications technology with us and be ready for the needs of tomorrow. Grow your career alongside bright, passionate, and caring individuals who strive to create what's next. Come connect to your future at CommScope.,

Role & RESPONSIBILTY Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Perform risk assessments on various applications, services, and infrastructure components. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks and provide actionable recommendations for risk mitigation. Stay up to date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk. Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment. Manages client expectations and client satisfaction. Acts as an advisor and partner to the client. Design, develop and implement business strategies for clients to implement new and different approaches to business based on the innovation approach. REQUIREMENTS: A minimum of 4+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Conceptual knowledge of OT security (OT systems and networks), ISA/IEC 62443 standard is preferable. Ability to apply knowledge of cyber security to OT/SACAD systems to implement new cyber defence/resiliency technique. Working knowledge of cybersecurity policies and standards using NIST 800-82 and IEC 62443. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Knowledge on GDPR/PCI-DSS/NIST/Privacy Hands on experience on technologies like Zscaler, networking devices, cloud computing is preferable. Conduct end-to-end risk assessments (impact assessments, regulatory assessments, control assessments) Information security risk assessments for cloud services, vendor developed/ managed applications. >> SELECTION PROCESS Candidates should expect 2-3 rounds of personal or telephonic interviews to assess fitment and communication skills. >> CRITERIA Education 60% above throughout academics One 3 years (at least) regular course is must either Diploma or Graduation Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent Minimum 3 years of hands-on experience in conducting cyber risk assessments. Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA (At least one) CCNA / CCNP or equivalent(optional) Relevant certifications in OT security (GICSP, ISA/IEC-62443 or equivalent)

You should have significant experience in deploying and managing private and public cloud deployments, virtualized environments, and containerization platforms. You must possess hands-on experience in deploying cloud infrastructure and cloud security technology. It is essential that you have experience working with Azure, AWS, GCP, VMware Cloud Foundation, and OCI. Additionally, experience with Tanzu Kubernetes Grid, Openshift, OCI, and Devsecops is required. You should also have expertise in inter-technology, inter-OEM, inter-datacentre, and inter-cloud integration from a security perspective. Experience in Cloud Security Solutions is a must. Proficiency in Cloud Security Solutions and Cloud Technologies such as CASB, CSPM, CWPP, CNAPP, Micro segmentation, Virtualization technologies, and containerization technologies is necessary. A thorough understanding of the concept of high availability is important for this role. Education qualifications include a BE/B.Tech, MCA/BCA, B.Sc, or M.Sc in computers.,

Job Description for a Presales Engineer specializing in Application Security and Vulnerability Scanning/Testing Tools: Job Title: Presales Engineer Application Security & Vulnerability Management Location: Mumbai Job Type: Full-Time Role Summary As a Presales Engineer focused on Application Security and Vulnerability Testing tools, you will play a pivotal role in driving technical sales engagements. You will work closely with sales teams to understand customer requirements, demonstrate product capabilities, and design solutions that address security challenges across web, mobile, and cloud environments. Key Responsibilities Collaborate with sales teams to understand client needs and propose tailored security solutions Deliver product demos and technical presentations for tools such as: DAST, SAST, SCA, IAST and API scanning tools Lead Proof of Concept (PoC) engagements and pilot deployments Respond to RFPs with detailed technical documentation Map product capabilities to customer use cases and compliance requirements Design end-to-end security testing workflows integrating DAST, SAST, SCA, IAST and API scanning tools Recommend DevSecOps integrations with CI/CD pipelines (e.g., Jenkins, GitLab, Azure DevOps) Lead onboarding and implementation of tools Troubleshoot deployment issues and guide remediation strategies Required Skills & Experience 5+ years of experience in application security, vulnerability management, or technical presales Hands-on knowledge of Application security testing tools like AppScan, Checkmarx and Fortify. etc. Strong understanding of methodologies: DAST, SAST, SCA, IAST, API Security, CSPM, DevSecOps Familiarity with secure software development lifecycle (SSDLC) Understanding of Software applications and IT Infrastructure Knowledge of web technologies (HTTP, REST, JavaScript, HTML, etc.) Knowledge of networking, operating systems and security concepts Understanding of programming languages: Java, .NET, Python, JavaScript, C/C++, etc. Experience with CI/CD tools (Jenkins, GitLab, Azure DevOps) and cloud platforms (AWS, Azure, GCP) Experience with scripting languages (Python, Bash, PowerShell) Lead onboarding and implementation of the tools Troubleshooting skills Excellent communication, presentation, and stakeholder engagement skills Preferred Qualifications Bachelors degree in Computer Science, Cybersecurity, or related field Certifications related to Application Security testing tools Experience with cloud platforms (AWS, Azure, GCP) and container security Experience with secure coding practices Exposure to container security and cloud-native application protection Prior experience in a customer-facing technical role

As a Cloud Security Solution Architect, you will play a crucial role in designing, implementing, and overseeing secure cloud architectures across various environments - public, private, and hybrid. With over 10 years of IT experience, including at least 5 years dedicated to Cloud Security and Architecture, you will bring deep expertise in cloud security frameworks, compliance, and best practices. Your responsibilities will include developing and maintaining secure cloud reference architectures that meet business and compliance requirements. You will define security controls for cloud networking, identity & access, encryption, and application workloads, as well as architect and review multi-cloud security solutions, including hybrid integrations. Ensuring adherence to industry standards such as ISO 27001, NIST, CIS, and regulatory requirements like GDPR, HIPAA, PCI-DSS will be a key part of your role. You will also be responsible for implementing cloud security governance frameworks, policies, and monitoring strategies to mitigate risks effectively. In collaboration with application, infrastructure, and DevOps teams, you will embed security in all cloud initiatives. Additionally, you will lead security architecture reviews and provide technical guidance to engineers, making sure that security is a top priority throughout the cloud environment. To excel in this role, you must have proven expertise in securing workloads on AWS, Azure, and/or Google Cloud Platform. Proficiency in cloud-native security services, hands-on experience with IAM, SSO, MFA, RBAC, network security, encryption, PKI, key management, and familiarity with DevSecOps practices are essential. Knowledge of security monitoring tools and strong problem-solving, documentation, and stakeholder communication skills will be instrumental in your success. While not mandatory, possessing security certifications such as CCSP, AWS Certified Security Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer would be beneficial. Additionally, knowledge of Zero Trust Architecture, SASE frameworks, experience with security automation, and SOAR platforms are considered advantageous. Ideally, you should hold a Bachelors or Masters degree in Computer Science, Information Security, or a related field to be well-equipped for this challenging and rewarding position.,

As a Deputy Director with over 13 years of experience in the IT industry, including 5 years of specialized expertise in Cloud Security and a thorough understanding of the SAFE Agile framework, you will play a crucial role in ensuring the security of our cloud infrastructure. Your responsibilities will encompass driving excellence in security engineering processes, managing SIEM technologies, and actively participating in the SAFE Agile transformation of our IT operations. This role demands a blend of robust technical skills, effective leadership qualities, and a comprehensive grasp of security principles and best practices. In the domain of Cloud Security Engineering, you will be tasked with designing, implementing, and overseeing cloud security architecture across major platforms such as AWS, Azure, and Google Cloud. Your role will involve leading the establishment of secure cloud environments in compliance with industry regulations like GDPR, HIPAA, and NIST. Additionally, you will be responsible for identifying and mitigating security vulnerabilities, deploying cloud-native security tools, defining security policies and compliance rules, and implementing Role-Based Access Control (RBAC), SSO, and API security measures. Your role also entails ensuring the excellence of security engineering practices within the organization. You will lead incident response and remediation efforts, collaborate with DevOps teams to bolster secure pipelines and code practices, and set Key Performance Indicators (KPIs) for security metrics. Furthermore, you will actively drive the SAFE Agile transformation process for IT security teams, ensuring security alignment with Agile principles and facilitating security integration in all development phases. In terms of collaboration and strategy, you will work closely with IT leadership to define and execute a comprehensive security strategy aligned with business objectives. You will also mentor junior security engineers, promote knowledge-sharing practices, and engage in continuous learning to stay abreast of the latest trends and best practices in cloud security, IT security, and Agile methodologies. To qualify for this role, you should possess a minimum of 13 years of IT experience, with at least 5 years dedicated to Cloud Security engineering. Additionally, experience in SAFE Agile processes and implementations, proficiency in cloud platforms and associated security services, and relevant certifications such as CISSP, AWS Certified Security Specialty, and Certified SAFe Program Consultant (SPC) will be advantageous. Strong leadership, communication, and mentoring skills are essential attributes for this role. Join us in our mission to uphold the security of our cloud infrastructure, drive security excellence, and champion Agile transformation within our IT operations.,

Keywords: Cloud Security, Kubernetes Security, SaaS Security, DevSecOps, Infrastructure as Code, CI/CD Security, CSPM, Zero Trust, Cloud-Native Security, Identity and Access Management (IAM), Secrets Management, Threat Modeling, Risk Assessment, Secure SDLC, GitOps, API Security, Container Security Role Overview: Were looking for a Cloud-Native Security Lead to drive the security strategy across our modern cloud-native stack. This role calls for a thoughtful and pragmatic engineer, someone who understands the business context, evaluates trade-offs, and proposes secure, scalable solutions. You should be comfortable navigating ambiguity, using vendor guidance as one input, not the only one, and making decisions grounded in real-world needs. Key Responsibilities: Own and evolve the cloud-native security architecture across Kubernetes, APIs, CI/CD, and serverless platforms Define and implement practical security policies, standards, and controls Partner with engineering and DevOps to embed security early in the SDLC and infrastructure as code Evaluate and integrate security tools (e.g., SAST, DAST, CSPM, secrets management, container scanning) Lead risk assessments, threat modeling, and incident response planning Promote zero-trust principles, IAM best practices, and secure service-to-service communication Mentor teams and advocate for secure-by-design thinking across the organization Ensure security measures align with the pace and priorities of a fast-moving SaaS business Required Qualifications: 7+ years of security experience, including 23 years in cloud-native environments Strong background in SaaS security, with understanding of multitenancy, data isolation, and platform risks Deep knowledge of Kubernetes, containers, cloud platforms (AWS/GCP/Azure), and DevSecOps practices Experience with infrastructure as code (Terraform, CloudFormation), CI/CD pipelines, and GitOps Strong problem-solving skills and ability to weigh business context in security decisions Excellent communication and cross-functional collaboration skills

the Role & responsibilities Develop processes and programs to improve our cloud security Consult with teams on securing their workloads in the cloud Create standards and processes to manage our cloud security posture Support incident response team during cloud incidents Assist cloud architects with security guidance

Cloud Security EngineerCloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Information Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Information Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Senior Cloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Perforce is a community of collaborative experts, problem solvers, and possibility seekers who believe work should be both challenging and fun. We are proud to inspire creativity, foster belonging, support collaboration, and encourage wellness. At Perforce, you'll work with and learn from some of the best and brightest in business. Before you know it, you'll be in the middle of a rewarding career at a company headed in one direction: upward. With a global footprint spanning more than 80 countries and including over 75% of the Fortune 100, Perforce Software, Inc. is trusted by the world's leading brands to deliver solutions for the toughest challenges. The best run DevOps teams in the world choose Perforce. Position Summary: As a Sr. SecOps Engineer at Perforce, you will be responsible for designing and optimizing the security operations for Perforce's SaaS product portfolio. Your key role involves driving the design and implementation of automated tools and technologies to ensure the security, reliability, and high availability of production and CI/CD environments, applications, and infrastructure. You will lead efforts to establish SecOps best practices across the organization, ensuring adherence to the highest security standards in all environments. Responsibilities: - Develop and implement vulnerability management practices using tools like Qualys, Lacework, Prisma, and Mend (SAST and SCA). - Manage operations/cadence in Vulnerability management, SIEM, and CSPM. - Lead efforts to ensure security incident and event management (SIEM) from code repositories to operating systems, VMs, databases, networks, and applications. - Automate security processes and workflows across CI/CD pipelines, leveraging infrastructure-as-code (IaC) and security automation tools to improve efficiency. - Drive the implementation of security hardening best practices across the infrastructure layers. - Implement and maintain secret scanning tools across CI/CD pipelines to detect and mitigate the exposure of sensitive data. - Advocate and implement security best practices in agile SDLC methodologies and DevSecOps workflows. - Collaborate closely with Developer and DevOps teams to embed security at every stage of development and deployment processes. - Lead and maintain security sprint boards, monitor tasks, and manage risks via Jira and other collaboration tools. - Schedule and run monthly SecOps cadence meetings to report on the organization's security posture, discuss ongoing projects, and address security incidents and mitigations. - Prepare and present comprehensive documentation and reports on security incidents, vulnerability assessments, and audit findings to stakeholders. - Assist with incident response planning, including the triage, investigation, and remediation of security incidents. - Stay updated on the latest security threats, tools, and methodologies to continuously improve security frameworks and policies. Requirements: - Bachelor's or master's degree in computer science, Information Security, Engineering, or a related field. - 7+ years of experience in cybersecurity, security operations, or a similar role in a SaaS/cloud environment. - Strong hands-on experience with security automation tools, vulnerability management tools, and infrastructure-as-code practices. - Proficiency in automating vulnerability scanning, patch management, and compliance monitoring processes across hybrid cloud environments. - Strong understanding of Cloud Security Posture Management (CSPM) tools and practices. - Experience with SIEM tools, secret management, and scanning in CI/CD environments. - Familiarity with hardening techniques across various platforms and driving security sprint boards. - Excellent presentation, communication, and documentation skills. - Knowledge of infrastructure-as-code frameworks and experience in automating security configurations. - Strong problem-solving skills and the ability to work under pressure in a fast-paced environment. - Continuous desire to learn and stay updated on the latest cybersecurity practices and threats. Join our team at Perforce! If you are passionate about technology, want to work with talented individuals globally, and make an impact, apply today!,

Roles and Responsibilities Provide technical support to customers via phone, email, or chat for issues related to Palo Alto firewalls, Checkpoint firewalls, Zscaler, Netskope, FortiGate, Cisco ASA firewalls, pfSense, and other security solutions. Troubleshoot complex network infrastructure issues using various tools such as Wireshark, Tcpdump, MRTG etc. Collaborate with cross-functional teams to resolve customer complaints and improve overall service delivery. Develop knowledge base articles and contribute back to the community through blog posts or documentation. Participate in on-call rotation for 24x7 support team.

Perforce is a community of collaborative experts, problem solvers, and possibility seekers who believe work should be both challenging and fun. We are proud to inspire creativity, foster belonging, support collaboration, and encourage wellness. At Perforce, you'll work with and learn from some of the best and brightest in business. Before you know it, you'll be in the middle of a rewarding career at a company headed in one direction: upward. With a global footprint spanning more than 80 countries and including over 75% of the Fortune 100, Perforce Software, Inc. is trusted by the world's leading brands to deliver solutions for the toughest challenges. The best run DevOps teams in the world choose Perforce. Sr Director of Cloud Operations at Perforce is searching for a Sr. SecOps Engineer to design and optimize the security operations for Perforce's SaaS product portfolio. In this key role, you will drive the design and implementation of automated tools and technologies to ensure the security, reliability, and high availability of our production and CI/CD environments, applications, and infrastructure. You will lead the efforts to establish SecOps best practices across the organization, ensuring that all environments adhere to the highest security standards. Responsibilities: - Develop and implement vulnerability management practices using tools such as Qualys, Lacework, Prisma, and Mend (SAST and SCA). - Experience in managing operations/cadence in Vulnerability management, SIEM, and CSPM. - Lead efforts to ensure security incident and event management (SIEM) from code repositories to operating systems, VMs, databases, networks, and applications. - Automate security processes and workflows across CI/CD pipelines, leveraging infrastructure-as-code (IaC) and security automation tools to eliminate manual work and improve efficiency. - Automate the detection and mitigation of security threats by integrating SIEM tools with incident response workflows. - Drive the implementation of security hardening best practices across the infrastructure, including OS, network, application, and database layers. - Implement and maintain secret scanning tools across CI/CD pipelines to detect and mitigate the exposure of sensitive data. - Advocate and implement security best practices in agile SDLC methodologies and DevSecOps workflows. - Collaborate closely with Developer and DevOps teams to ensure security is embedded at every stage of the development and deployment processes. - Lead and maintain security sprint boards, monitor tasks, and manage risks via Jira and other collaboration tools. - Schedule and run monthly SecOps cadence meetings to report on the organization's security posture, discuss ongoing projects, and address security incidents and mitigations. - Prepare and present comprehensive documentation and reports on security incidents, vulnerability assessments, and audit findings to technical and non-technical stakeholders. - Assist with incident response planning, including the triage, investigation, and remediation of security incidents. - Stay updated on the latest security threats, tools, and methodologies, and continuously improve the security frameworks and policies of Perforce. Requirements: - Bachelor's or master's degree in computer science, Information Security, Engineering, or a related field. - 7+ years of experience in cybersecurity, security operations, or a similar role in a SaaS/cloud environment. - Strong hands-on experience with security automation tools and practices for CI/CD pipeline integration and infrastructure-as-code (IaC). - Hands-on experience with vulnerability management tools such as Qualys, Prisma, Lacework, and Mend (SAST/SCA). - Development/Automation experience to automate the workflows, security operations/tooling by using Python/Ruby/Go. - Proficient in automating vulnerability scanning, patch management, and compliance monitoring processes across hybrid cloud environments. - Strong understanding of Cloud Security Posture Management (CSPM) tools and processes. - Experience with SIEM tools and security monitoring best practices. - Proficient with secret management and scanning in CI/CD environments. - Familiarity with hardening techniques across various platforms (Linux, Windows, network, databases, etc.). - Proficient in driving security sprint boards using Jira or other task management tools. - Excellent presentation and communication skills, with experience in running security meetings and cadence discussions. - Strong documentation skills to ensure security processes and incidents are thoroughly recorded. - Knowledge of infrastructure-as-code frameworks such as Terraform, Ansible, or similar, with experience automating security configurations a plus. - Strong problem-solving skills and the ability to work under pressure in a fast-paced environment. - Continuous desire to learn and stay updated on the latest in cybersecurity practices and threats. If you are passionate about the technology that impacts our day-to-day lives and want to work with talented and dedicated people across the globe, apply today!,

Role Summary We're seeking an experienced Cloud Security Engineer with strong expertise in Azure and GCP platforms. In this role, you'll work at the intersection of cybersecurity and cloud engineering, focusing on implementing security recommendations from Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) solutions. Key Responsibilities Analyze and prioritize security findings from CSPM and CNAPP tools across Azure, GCP and AWS environments Coordinate and execute remediation activities with cloud engineering teams to address identified vulnerabilities Lead the deployment, configuration, and maintenance of CSPM and CNAPP solutions Develop and implement security automation to streamline remediation processes Create and maintain cloud security documentation, including policies, procedures, and architectural diagrams Participate in security incident response for cloud-related events Provide cloud security expertise during new service deployments and architecture reviews Stay current with evolving cloud security best practices, threats, and compliance requirements Qualifications 4+ years of experience in cloud security across Azure and GCP platforms Demonstrable experience with CSPM and CNAPP tools and methodologies Strong understanding of cloud-native security controls, including IAM, encryption, network security, and logging/monitoring Proficiency in security automation using tools like Terraform, Azure ARM templates, or GCP Deployment Manager Experience with Kubernetes and other containerisation technologies Experience with cloud security frameworks and compliance standards (e.g., CIS, NIST, SOC2) Strong knowledge of DevSecOps principles and practices Excellent communication skills to effectively coordinate with various technical teams Preferred Skills Relevant security certifications (e.g., CCSP, Azure Security Engineer, GCP Professional Cloud Security Engineer) Experience with container security and Kubernetes environments Familiarity with cloud security APIs and CLI tools Background in security architecture or engineering Experience with cloud infrastructure as code (IaC) security scanning

What You'll Do Join us in building a secure, scalable, and experienced platform to support Avalara's expanding business and global customer base. As a Senior Application Security Engineer , you'll work with world-class engineers and architects to ensure security is embedded in everything we buildboth in today's systems and the future of our architecture. This role is perfect for someone passionate about automation, cloud-native security, and AI-driven application defense . You'll help shape the future of Avalara Security , driving security as code, ensuring automation-first practices, and integrating modern AI tooling into security workflows. You understand the value of developer empathy, moves quickly without sacrificing quality, and excels in an environment that combines startup energy with enterprise scale. Job Responsibilities You will build, maintain, and continuously improve an automated security pipeline framework integrated into our CI/CD environments. You will lead development of Infrastructure-as-Code and Policy-as-Code for application security enforcement and consistency across environments. You will evaluate and integrate security tools (SAST, DAST, SCA, CSPM, EDR) and AI-based solutions into engineering workflows and CI/CD pipelines. You will provide applicable guidance and mentorship to development and Avalara Security engineering teams on secure development best practices. Investigate, prototype, and apply AI/ML-based solutions for application behavior analysis, anomaly detection, and threat hunting. Promote security by design across the organization, and help foster a security-first culture. Contribute to the continuous refinement of the SDLC to ensure security is smooth, consistent, and measurable. What You'll Need to be Successful Required Qualifications 8+ years of experience in application security, secure software development , or security engineering. Strong programming proficiency in Python and GoLang (hands-on). Experience with secure SDLC practices and CI/CD pipeline integration. Strong hands-on experience with Kubernetes , container security, and cloud infrastructure security preferably AWS and GCP . Experience with Infrastructure-as-Code (IaC) tools like Terraform or CloudFormation. Working knowledge of cryptographic protocols and standards: TLS, OAuth, SAML, JWT , etc. Familiarity with Git , modern source control practices, and agile development methodologies. Experience working with a broad range of security tools , including: Tenable , Wiz (Cloud Security Posture Management) Checkmarx , Mend (SAST, SCA) Acunetix , Burp Suite (DAST) CrowdStrike (EDR/XDR) Bachelor's Degree in Computer Science, Engineering, or a related field. Proven experience contributing to security automation efforts within a security organization like Avalara Security . Experience with AI/ML tools and frameworks applied to application security or behavior analytics. Security certifications such as OSWE, CSSLP, AWS Security Specialty, or Kubernetes Security Specialist. Passion for enabling developer-friendly security solutions and maximum automation.

Roles & Responsibilities:- Design and implement secure AWS cloud architectures aligned with business and compliance requirements. Automate security controls and integrate them into CI/CD pipelines Manage and monitor AWS security tools such as GuardDuty, Security Hub, and CloudTrail Develop and enforce IAM policies using least privilege principles Conduct threat modeling, vulnerability assessments, and cloud security posture evaluations Ensure compliance with standards like SOC 2, ISO 27001, and NIST Support audit readiness and implement risk treatment plans Collaborate with DevOps teams to embed security in cloud deployments Promote DevSecOps culture across development and operations teams Create and maintain security-as-code using CloudFormation, Terraform, and scripting Automate detection, remediation, and incident response processes Provide security guidance during cloud migrations and new service adoptions Qualification:- Bachelors in Cybersecurity, Computer Science, or related field (Masters preferred) 7+ years in cybersecurity, with 5+ years in cloud security Strong expertise in AWS security tools (GuardDuty, Security Hub, IAM, KMS, CloudTrail) Familiar with cloud security frameworks (AWS Well-Architected, NIST CSF, CSA CCM) Experience in securing CI/CD pipelines and implementing IaC security (CloudFormation/Terraform) Hands-on with CSPM tools and automated security validation Deep understanding of IAM principles and DevSecOps practices Proficient in scripting (Python, Bash) for automation Strong knowledge of network, container, and serverless security Excellent communication skills (verbal and written) Certifications: AWS Security Specialty, CCSP, CISSP, or equivalent Preferred Qualifications :- Experience with multi-cloud (AWS, Azure, GCP) security Understanding of regulatory frameworks (e.g., GDPR, HIPAA, ISO) Hands-on with container security (Docker, Kubernetes, ECS/EKS) Experience with Zero Trust security models in cloud Familiarity with automated incident response and cloud-native tools Knowledge of Hashicorp Vault or similar tools for secrets management Experience securing data lakes and analytics platforms Worked with CWPP and serverless security best practices Cloud security experience in energy efficiency/sustainability domains Experience in cloud threat modeling and collaborating with global teams

Role & responsibilities Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Must have worked on Palo Alto Prisma cloud Experience in cloud security and understanding of basic principles Experience in CSPM, CIEM, and CWP Knowledge of cloud service providers (majorly Azure and GCP) and their technologies Mandatory skill sets: Palo Alto Prisma Cloud Preferred skill sets: CSPM , CIEM , CWP , Azure & GCP

Job Title: Cloud Security Department: Technology Consulting Location: Gurgaon Overview: We are seeking a highly skilled and experienced Cloud Security Manager to join our team. The ideal candidate will be responsible for overseeing the development, implementation, and maintenance of cloud security measures to protect the organization's cloud-based assets. The Cloud Security Manager will work closely with various teams to ensure compliance with industry standards and regulatory requirements. Key Responsibilities: Develop and implement cloud security policies and procedures to protect the organization's cloud-based assets Monitor and analyze security vulnerabilities and threats in the cloud environment Conduct regular security assessments and audits to identify and address potential risks Collaborate with cross-functional teams to ensure compliance with industry standards and regulatory requirements Manage incident response and resolution processes related to cloud security incidents Stay up-to-date on the latest security trends and technologies to enhance the organization's cloud security posture Qualifications: Bachelor's degree in Computer Science, Information Technology, or related field Certified Network Associate in Cloud Security (CNAPS) certification Certified Security Professional Manager (CSPM) certification Minimum of X years of experience in cloud security management in a large enterprise environment Strong knowledge of cloud security best practices, tools, and technologies Excellent communication and interpersonal skills Ability to work effectively in a fast-paced and dynamic environment

We are seeking a highly skilled and motivated Information Security Manager to lead initiatives across SOC operations and Governance, Breach attack simulation, cloud security, and governance. The ideal candidate will possess deep technical expertise, strategic thinking, and strong communication skills to drive a secure and resilient environment. KEY RESPONSIBILITIES Security Operations Center (SOC) Management Platform Optimization: Fine-tune SIEM ingestion devices to reduce noise and improve signal-to-noise ratio. Implement SOAR integrations for automated incident response and ticketing. Conduct regular health checks and performance tuning of SOC tools. MITRE ATT&CK Mapping: Align detection rules with MITRE tactics and techniques using AI-powered tagging tools. Maintain MITRE coverage dashboards and ensure completeness across analytics rules. SLA Tracking & Governance: Define and monitor SLAs for incident triage, escalation, and closure. Conduct weekly governance reviews with SOC partners to assess KPIs and incident trends. Develop playbooks and runbooks for consistent incident handling Oversee File Integrity Monitoring (FIM) implementation to detect unauthorized changes to critical files, system configurations, and registries. Define baseline configurations and monitor deviations. Ensure FIM alerts are integrated into SIEM for centralized visibility. Use FIM data to support forensic investigations and compliance audits. Implement and manage Database Access Monitoring to track and analyse user activity across critical databases. Monitor query execution, access patterns, and privilege usage. Detect unauthorized access attempts and suspicious behaviour. Ensure logging and alerting are in place for compliance and audit readiness. Cloud Security Posture Management (CSPM) / Cloud Workload Protection (CWP) Alert Triage & Remediation : Investigate alerts from CSPM/CWP tools and drive timely closure. Implement automated remediation scripts for common misconfigurations. Security Best Practices: Enforce secure-by-design principles across cloud deployments. Conduct periodic reviews of cloud policies, IAM roles, and network configurations. Automation & Optimization : Integrate CSPM/CWP tools with CI/CD pipelines for proactive security. Develop custom rules and policies tailored to business needs. External Threat Intelligence Brand Monitoring: Use threat intelligence platforms to detect phishing, impersonation, and brand abuse. Coordinate takedown requests and take required actions as needed. Dark Web Surveillance: Monitor forums and marketplaces for leaked credentials, insider threats, and data exposure. Governance, Risk & Compliance Policy & Frameworks: Develop and maintain security policies aligned with ISO 27001 and RBI guidelines. Conduct gap assessments and drive remediation plans. Audit & Risk Management: Support internal and external audits with evidence and documentation. Track risk mitigation efforts and report progress to senior leadership. Reporting & Stakeholder Engagement Executive Dashboards: Prepare monthly and quarterly reports on security posture, incidents, and metrics. Present findings to leadership and internal stakeholders. MANDATORY SKILLS REQUIRED 1. Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 2. SOC operations and SIEM optimization 3. MITRE ATT&CK mapping and threat modelling 4. CSPM/CWP alert management and automation 5. BAS execution and gap remediation 6. Threat intelligence (brand/dark web) 7. Strong understanding of regulatory frameworks (RBI, ISO 27001). 8. Excellent soft skills: stakeholder communication, presentation, and leadership. 9. Preferred certifications: CISM, CEH, CCSP, or equivalent. 10. Understanding of secure network architecture, segmentation and defence in depth. 11. Designing and implementing security controls across systems, networks and applications. 12. Ability to analyze complex security issues and clearly communicate them to non-technical stakeholders.

Description Contribute to the object of Cloud Security Governance-Monitoring -a continuous process of cloud security improvement and adaptation to reduce the likelihood of a successful attack”. Should assess/review the process, procedure, policy of all the domain controls deployed in the cloud. Should perform internal reviews for CSPM/SSPM/CWPP/CIEM policies which include Configuration baseline and compliance to standards review Exceptions review Auto remediation review Few common scenarios to consider but not limited to Lack of encryption on databases or data storage Lack of encryption on application traffic Improper encryption key management such as not rotating keys regularly Overly liberal account permissions No multi-factor authentication enabled Misconfigured network connectivity Data storage exposed directly to the internet Logging is not turned on to monitor critical Qualifications and Primary Responsibilities: 5 years related work experience with a preference for Azure Cloud Security. Work location is Hyderabad. Need to support for 24/7 operation on rotation basis. Experience with Cloud Security Posture Management tools (CSPM) systems. Experience working with cloud security and governance tools such as CSPM, cloud access security brokers (CASBs) technologies, Container Security, Cloud Workload Protection Platform (CWPP), cloud infrastructure entitlement management (CIEM) Experience with enterprise applications (architecture, development, support, and troubleshooting) In-depth knowledge of configuration Benchmarks for clouds. Possess a firm understanding of the offerings and capabilities within Azure, GCP, OCI, AWS clouds. Assess architecture of cloud to assure configuration compliance Assess Controls to assure quality in cloud Assess a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments. Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, Open ID, etc.) CSPM: Integration of accounts, configuration of custom policies (RQL), alert rules, monitoring alerts in PrismaCloud Defining Cloud Goverence policies and Framework based on Industry Standard guidelines like CIS, ISO, PCI DSS etc. Detailed Cloud Architectures validation. CASB evaluation and SaaS Application evaluation at Org level. Cloud Security Posture Management (CSPM) and CWPP Monitoring and evaluation. Defining strategies to improve Org level Cloud compliance score. Preparation of security best practices for cloud IaaS, PaaS and SaaS services. Provide input and feedback on cloud/hybrid security architectures. Assist in investigation and remediation of security misconfigurations and issues. Consult on and provide requirements for critical projects and initiatives. Ensure that the company knows as much as possible, as quickly as possible. Help drive cloud security practices in IaaS PaaS and SaaS implementations. Conduct security assessments to identify areas of risk and ensure any gaps are remediated Create and support configuration of CSPM tool preferably Palo Alto Prisma Cloud and able to work on the integration of tool with all major cloud providers. Help governance, compliance, and risk management teams to ensure the system consistently meets the requirements for benchmarks. Provides clear, consistent, regular communication with all project stakeholders at all levels, including presentations to senior management, creating agendas and meeting minutes. In-depth research of the latest cloud security tools, techniques and best practices and technologies to remain at the bleeding edge. Create and support KPIs and KRIs that measure risk reduction and progress in cloud over time. Builds a great working relationship with team members and the application teams.