In this role, you will be part of the cybersecurity group focusing on managing and guarding against digital risks in a Cloud Native-DevOps Only environment. You will have the opportunity to work across domains, challenge the status quo, and evolve cyber practices to enhance maturity levels. The core competencies of the team revolve around Product & Platform security, Cloud Native Risk Management, and Detection & Response. **Key Responsibilities:** - Own the cloud security posture management program (CSPM) and focus on continuous improvement of cloud security configurations aligned with global standards like NIST CSF, ISO 27001, ISO 31000, and Cloud Security Alliance. - Enhance detection policies on CSPM for improved detection capabilities and establish technical standards for remediation of vulnerabilities on the cloud stack. - Manage an integrated vulnerability management dashboard to increase visibility on technical debt. - Develop and enhance security stack to support a multi-cloud strategy in a high-density containerized environment. - Utilize CIS benchmarks and customize hardening standards based on technology stack evolution. - Engineer and promote the adoption of Infra as a Code program in the pre-provisioning phase and PaaC (Policy as a code) for continuous monitoring of risk configuration changes. - Perform risk assessments of proposed and existing cloud architecture, recommend technical and administrative controls to mitigate identified risks. - Design frameworks and solutions to secure CI/CD pipelines. - Test, review, and implement container security on GKE, EKS, or AKS. - Collaborate with infra/product engineering teams to define baseline security configuration, enhance visibility for detecting misconfigurations/vulnerabilities reported by CSPM, and develop remediation practices. - Provide subject matter expertise in analyzing, assessing, developing, and evaluating security solutions and architectures to secure applications, operating systems, databases, and networks. - Work with cloud vendors and external security researchers to address security gaps in InMobis Cloud. - Develop, monitor, and manage cloud performance & hygiene metrics (KCI, KPI, KRI). - Prepare and conduct training and security awareness activities for Engineering teams. **Qualifications Required:** - 4-6 years of experience in the cloud security domain. - Hands-on experience with Azure/AWS/GCP security best practices and services. - Strong knowledge of virtualization, Docker, containers, and their orchestration with its challenges. - Hands-on knowledge of Kubernetes (PSP, N/W policy, admission controller, etc.). - Strong understanding of network concepts and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, TLS, DDoS detection/prevention). - Hands-on experience with infrastructure automation tools like Terraform. - Knowledge of common and industry-standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.). - Experience reviewing and understanding cloud architecture and security best practices. - Ability to work independently with little direction and/or supervision. - Superior communication skills, keen attention to detail, curiosity to learn & adopt emerging technologies. - Knowledge of Security Operations Centre /Incident Management (good to have, not mandatory). - Holds Associate or Professional-level Cloud and Kubernetes certification(s), GCP/CKA/CKS preferred. - A Degree in Information Systems, Information Technology, Computer Science, or Engineering from an accredited college or university. In this role, you will be part of the cybersecurity group focusing on managing and guarding against digital risks in a Cloud Native-DevOps Only environment. You will have the opportunity to work across domains, challenge the status quo, and evolve cyber practices to enhance maturity levels. The core competencies of the team revolve around Product & Platform security, Cloud Native Risk Management, and Detection & Response. **Key Responsibilities:** - Own the cloud security posture management program (CSPM) and focus on continuous improvement of cloud security configurations aligned with global standards like NIST CSF, ISO 27001, ISO 31000, and Cloud Security Alliance. - Enhance detection policies on CSPM for improved detection capabilities and establish technical standards for remediation of vulnerabilities on the cloud stack. - Manage an integrated vulnerability management dashboard to increase visibility on technical debt. - Develop and enhance security stack to support a multi-cloud strategy in a high-density containerized environment. - Utilize CIS benchmarks and customize hardening standards based on technology stack evolution. - Engineer and promote the adoption of Infra as a Code program in the pre-provisioning phase and PaaC (Policy as a code) for continuous monitoring of risk configuration changes. - Perform risk assessments of proposed and existing cloud architecture,
Wait!
Before You Leave... Find Your Perfect Job!
Are you sure you don't want to discover the perfect job opportunity? At JobPe, we help you find the best career matches, tailored to your skills and preferences. Don’t miss out on your dream job!