We are seeking a highly skilled and experienced Cloud Security Professional (with 2 to 6 years of experience) to join our team based out of Mumbai location. The ideal candidate will have a deep understanding of cloud security concepts and be well-versed in industry standards such as the Cloud Security Alliance (CSA), National Institute of Standards and Technology (NIST), and ISO 27017 with proven experience of AWS, Azure and GCP Cloud Platforms. Responsibilities Conduct comprehensive assessment of client`s Cloud Platforms, identifying security vulnerabilities, compliance gaps and potential risks. Review Cloud Architecture design and configure to ensure alignment with industry and regulation requirements. Conduct compliance assessment of cloud environments with respect to applicable regulation requirement. Provide guidance on selection of cloud security solution and technology to address security challenges. Assist client by providing technical guidance on security controls and measure to enhance the security posture of cloud environments. Develop and refine the cloud security policies, procedure, and standards to align with regulatory and industry frameworks. Ensure client`s cloud environments adhere to relevant compliance such as GDPR, PCI DSS, SOC2 etc. Closely with client stakeholders to the mitigate security gaps by providing technical guidance and assistance. Skill/Experience Experience implementing industry-leading practices around cyber risks and Cloud security for clients cloud security frameworks using industry standards such as ISO/IEC 27017, CIS Benchmarks, Cloud Security Alliance (CSA) Cloud Control Matrix and NIST. Experience of Cloud Security Assessment, Landing Zone Review for any of one cloud service provider. Knowledge of Network Security principle including VPC, subnets, security groups, Network Access Controls list (NACL) Strong understanding of network security, encryption, identity, and access management (IAM), and data protection mechanisms in cloud environments Experience of native Cloud Security services like AWS Guard Duty, AWS Security Lake, AWS Security Hub, WAF, Microsoft Sentinel, Microsoft Defender for Cloud, GCP Chronicle. Excellent communication and collaboration skills, with the ability to effectively convey complex technical concepts to non-technical stakeholders Having any of certificate from below list will be added advantage: AWS Certified Solutions Architect – Associate AWS Certified SysOps Administrator - Associate AWS Certified Security Specialist AZ-500: Microsoft Azure Security Technologies SC-900: Microsoft Security, Compliance, and Identity Fundamentals
