What s in it for YOU
- SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees
- Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees
- Dynamic, Inclusive and Diverse team culture
- Gender Neutral Policy
- Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits
- Commitment to the overall development of an employee through comprehensive learning development framework
Role Purpose
This is a technical solution-oriented expertise role specific to Cloud Security posture involve in the testing, implementation and operation of secure state-of-the-art systems, networks, applications and database products across multiple cloud providers. Incumbent in this role is to manage Cloud Security solution at SBI Card such as CASB and expected to do continues risk assessments to provides recommendations for system and application to improve security controls for environment.
Role Accountability
- Own the cloud security posture management program (CSPM) and concentrate efforts on continuous improvement of the cloud security configurations aligned to global standards like NIST CSF, ISO 27001, ISO 31000, Cloud Security Alliance, etc.
- Uplift evolve detection policies on CSPM to optimize detection capabilities and draft technical standards for remediation on vulnerabilities identified on cloud stack.)
- Work in synergy with infra/product engineering teams in defining baseline security configuration, build continuous visibility for detecting misconfigurations/ vulnerabilities reported by CSPM and mature remediation practices
- Maintaining and measuring existing solutions to ensure on-going operational and security effectiveness with appropriate metrics.
- Develop, monitor, and manage cloud performance hygiene metrics (KCI, KPI, KRI).
- Prepare and deliver training and security awareness activities to the Engineering team
- Understand current and evolving threats for Cloud, including mitigation tools and techniques
- Apply native cloud service provider security and monitoring services in the cloud, including network access controls, encryption, alerting and secrets management.
- Modify, create or propose alerts for events of interest
- Help monitor common channels for priority communications
- Identify, develop and implement improvements in existing systems
- M-Support audit and compliance activities by providing acceptable evidence of infrastructure controls and supporting information to auditors.
- N- Propose metrics and reporting structure demonstrating ongoing progress towards improvement goals and objectives. Perform routine analysis and reconciliation of inventory
- O- Work with cloud vendors and external security researchers to resolve security gaps in SBI Card s Cloud environment/Presence
Measures of Success
- Successful Cloud Security solution implementation
- Development and maturity of Cloud Security Posture
- On-time successful delivery of remediation of identified risk and update to related stakeholders
- KPI/KRI is as per defined threshold
Technical Skills / Experience / Certifications
- Clear understanding Hands-on experience on public cloud services (AWS, Azure or GCP) and Security Solutions as CASB
- Good working knowledge of Cloud Security and practical understanding of AWS/Azure services including EC2, VPC, Route53
- Knowledge of IT and Cybersecurity frameworks, such as NIST or CIS
- Highly technical, eager to learn with strong analytical and problem-solving skills
- Ability to present information to management stakeholders (Internal external)
- Good verbal and written communication skills
- Ability willingness to work in 24*7 operations/support as required by organization
Competencies critical to the role
- Detail Orientation
- Teamwork and Collaboration
- Stakeholder Management
- Analytical ability
- Problem Solving
Qualification
- Bachelor s Degree or advance course in Computer Science or Information Security related areas
- Endpoint/Host Security Certification on related technology
- At least one Industry-standard certifications such as ISO27001 LA, CISSP, Azure Security
Preferred Industry
BFSI / NBFC /E-commerce/IT ITES / Telecom
