The Security Consultant should have a strong understanding of the emerging security practices and standards. Should be able to consult, engineer and apply security best practices while designing and proposing solutions to our enterprise customers. Should be able to conduct system security, vulnerability analysis and risk assessment, identify security gaps, identify integration issues, study architecture/platform and design security architecture. A Cloud Native Security Consultant undertakes complex work of a high-risk level, often working on several projects. In this role, you will: • Interact with senior stakeholders across departments • Reach and influence a wide range of people across larger teams and communities • Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions • Develop vision, principles, and strategy for security architects for one project or technology • Work out subtle security needs • Understand the impact of decisions, balancing requirements and deciding between approaches • Produce patterns and support quality assurance • Be the point of escalation for architects in lower-grade roles • Lead the technical design of systems and services Qualifications/Experience: • Bachelors degree in any stream. • Minimum 3 years of working experience in Cyber Security Consulting or Advisory. • Successfully delivered at-least 2 (two) Cyber Security consulting and implementation projects as consultant in recent years (2 years). Certification: Preferred Certification: • GIAC Cloud Security Automation (GCSA) • Certified Kubernetes Security Specialist (CKS) • Certified DevSecOps Professional (CDP) • KUBERNETES AND CLOUD NATIVE ASSOCIATE (KCNA) • OEM certification on CNAPP security products (e.g., Palo Alto Prisma, Checkpoint Cloudguard, Aqua Security etc.) • Cloud Service Provider Security Certificates (e.g., SC-100, AWS Certified Security-Specialty, GCP Professional Cloud Security Engineer) • Pen Tester certification (LPT/ OSCP/GPEN) Certified Security - Specialty ** Certification should be valid Responsibilities Below will be the scope of the role • Collaborate with teams to build & deliver solutions implementing serverless, microservices based, IaaS, PaaS and containerized architecture of multi cloud environment • Develop rule base and parameterized IaC templates for automated deployment using Terraform • Build CI/CD Pipeline using AWS (CodeBuild, CodeDeploy, CodePipeline), Google (Cloud Build), Azure (DevOps, Pipelines) • Integrate 3rd party tool with CICD Process (e.g. SonarQube, CheckMarx, Embold) • Config Manage environment using industry standard DevOps tools (Ansible) • Implement scripting to extend build\deployment\monitoring process (PowerShell, Bash, Python) • Ability to develop IaC with Terraform • Strong understanding on Cloud Networking • Container, Microservices, Docker, Kubernetes security. • Network Security Orchestration on Microservices environment • Secure Microservice Communication, Secure Authentication to Common DB without API/password/sharing keys • Technical documentation, Product evaluation, POC. • Implementation, Migration and Architect of Security Technology and Solution • DevOps, DevSecOps and SRE (site reliability Engineering) mindset Knowledge and Skills Candidate should have experience in the below domains • Hands on experience with Cloud Native Application protection CNAPP Tools (Prisma Cloud by Palo Alto, Checkpoint Cloud Guard, Aqua Security) • Hands on experience with Automation Tools (e.g., Ansible, Chef, Puppet) • Experienced with Application migration from Monolithic to Microservices Architecture
