Sr. Lead - Cloud Security

Designation - Sr. Lead - Cloud Security

Experience - 8 - 12 years

Location - Remote(India)

Essential skills:

• Cloud security framework; Strong scripting skills with PowerShell and

experience managing Linux systems.

• Solid understanding of version control tools, particularly Git.
• Experience with cloud platforms, including AWS, Azure and GCP.
• Problem solving and troubleshooting skills.

Desired skills:

• Good communication skills
• Experience with Docker and container orchestration tools.
• Knowledge of microservices architecture and related best practices.

Summary:

Resource must exhibit strong trouble shooting and problem-solving skills along with knowledge of cloud architecture, security features, and cloud platforms such as AWS. Resource must be well-versed with incident management; must have information security auditing experience.

Roles & Responsibilities:

Security Integration in DevOps Pipelines:

● Embed security tools and practices in CI/CD pipelines to detect

and mitigate vulnerabilities.

● Implement static and dynamic code analysis, vulnerability

scanning, and container security checks.

Infrastructure Security:

● Design and implement secure infrastructure leveraging cloud

services and Infrastructure as Code (IaC).

● Ensure configuration management for servers and cloud

environments meets security standards.

Automation and Monitoring:

● Automate security testing and monitoring processes to maintain

compliance and reduce manual intervention.

● Develop and maintain monitoring systems to detect anomalies

and security breaches.

Collaboration and Training:

● Collaborate with cross-functional teams to address security

concerns during software development and deployment.

● Provide training and awareness on secure coding practices and

DevSecOps tools.

Incident Management:

● Respond to security incidents, conduct root cause analysis, and

implement preventive measures.

● Maintain and test incident response plans.

Compliance and Governance:

● Ensure systems adhere to regulatory requirements and industry

best practices.

● Conduct periodic security audits and assessments to maintain

compliance.

● Considering dependencies, relationships, and integration points

to ensure proper solution integration with other systems when

applicable

● Responsibility for compliance with applicable industry standards,

corporate policies and procedures

● Maintaining high-level of client satisfaction

● Leveraging knowledge and experience of technical

implementation related to IT Infrastructure Library (ITIL)

processes, workflow customization, ticketing, process

automation, report development, dashboard creation, and

system configurations

Essential Experience:

● Solid experience in software development and operations,

with a focus on security.

● Strong knowledge of DevOps principles and practices,

including CI/CD pipelines, version control systems, and

automated testing frameworks.

● Proficiency in scripting and automation using languages such

as Python, Ruby, or PowerShell.

● Familiarity with cloud platforms and services (e.g., AWS,

Azure, GCP) and their security considerations.

● Experience with containerization technologies (e.g., Docker,

Kubernetes) and associated security practices.

● Knowledge of security frameworks and standards (e.g.,

OWASP, NIST, ISO 27001) and their application in software

development.

● Understanding of secure coding practices and common

vulnerabilities (e.g., OWASP Top 10) and their mitigation

techniques.

● Strong analytical and problem-solving skills, with the ability

to identify and address security risks and incidents

effectively.

Desired Experience:

● Excellent communication and collaboration skills, with the

ability to work effectively with cross-functional teams and

stakeholders.

● Knowledge of microservices architecture and related best

practices

Certifications, if any:

AWS Security, CEH, ISO 27001