Senior Cloud Security Engineer

As part of the evolving cybersecurity group, you will be working in a lean-mean-special action group across domains, with the independence to challenge the status quo and evolve cyber practices to the next level of maturity. Your core responsibilities will revolve around Product & Platform security, Cloud Native Risk Management, and Detection & Response. **Key Responsibilities:** - Own the cloud security posture management program (CSPM) and focus on continuous improvement of cloud security configurations aligned with global standards like NIST CSF, ISO 27001, ISO 31000, Cloud Security Alliance, etc. - Enhance detection policies on CSPM to optimize detection capabilities and establish technical standards for remediation of vulnerabilities identified on the cloud stack. - Manage an integrated vulnerability management dashboard to increase visibility on technical debt. - Develop the security stack to support a multi-cloud strategy in a high-density containerized environment. - Refer to CIS benchmarks and customize hardening standards based on technology stack evolution. - Engineer and promote adoption of Infra as a Code program in the pre-provisioning phase & PaaC (Policy as a code) for continuous monitoring of risk configuration changes. - Conduct risk assessment of proposed and existing cloud architecture, recommend technical and administrative controls to mitigate identified risks. - Design and implement frameworks and solutions to secure CI/CD pipelines. - Test, review, and implement container security on GKE, EKS, or AKS. - Collaborate with infra/product engineering teams to define baseline security configuration and enhance remediation practices. - Provide subject matter expertise in the analysis, assessment, development, and evaluation of security solutions and architectures. - Work with cloud vendors and external security researchers to resolve security gaps in InMobis Cloud. - Monitor and manage cloud performance & hygiene metrics (KCI, KPI, KRI). - Conduct training and security awareness activities for the Engineering teams. **Qualifications Required:** - 4-6 years of experience in the cloud security domain. - Hands-on experience with Azure/AWS/GCP security best practices and services. - Strong knowledge of virtualization, Docker, containers, and their orchestration with its challenges. - Familiarity with Kubernetes, network concepts, and web-related protocols. - Experience with infrastructure automation tools like Terraform. - Knowledge of common cloud-native/cloud-friendly authentication mechanisms. - Ability to work independently, superior communication skills, keen attention to detail, and curiosity to learn & adopt emerging technologies. - Knowledge of Security Operations Centre /Incident Management (good to have). - Associate or Professional-level Cloud and Kubernetes certification(s), GCP/CKA/CKS preferred. - Degree In Information Systems, Information Technology, Computer Science, or Engineering from an accredited college or university.,