Senior Cloud Security Engineer - Vulnerability Assessment (5-10 yrs)

Experience : 5 to 9 years in Information Security

Exp : 2 years in Azure Cloud Security

Work Location : Trivandrum (Hybrid)

Roles and Responsibilities :

- Conduct security assessments, vulnerability assessments, and penetration tests on systems and applications to identify weaknesses and recommend remediation actions.

- Monitor and analyze security alerts, events, and incidents to promptly detect and respond to threats.

- Manage and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems.

- Proactively monitoring Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps.

- Seen as the cloud-security and cloud-compliance SME by the teams you support.

- Participate in incident response activities, including containment, investigation, and recovery, in the event of a security incident.

- Stay updated with cybersecurity threats, vulnerabilities, and industry best practices to ensure the organization remains secure.

- Ability to provide security guidance for physical, virtual, and code infrastructure.

- Provide vendor due diligence reviews, including SOC2 and vendor risk assessments.

- Drive change to improve the overall security posture.

- Ensure the protection of Organization information assets through the technical enforcement of organizational security standards and policies.

- Ensure technology risk impacting the business is effectively identified, quantified, communicated, and managed, including recommendations for resolution and identifying the root cause.

- Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains, including vulnerability management, data protection, cloud and application security.

- Collaborate with team members and stakeholders on firm-mandated audits and take responsibility in performing the required reviews associated with the audit.

- Review IAM control standards, objectives in regular basis and perform access reviews associated with it

- Be the trusted advisor to ensure security of designs and blueprints for application architectures and cloud platforms.

- Design and maintain automated workflows to streamline security operations.

- Establish solid relationships with other teams and provide advisement as needed.

- Build and cultivate a security focused culture through partnership and collaboration with the business and technology teams.

Expected Expertise & Skillsets :

- Expert understanding of common information security standards and best practices. Experience in Security and regulatory compliance standards and frameworks

- Configure, deploy, and manage enterprise security tools including such as log management (SIEM), antivirus, intrusion prevention, data leak prevention, and application scanning and remediation.

- Researches, analyzes, and formulates recommendations regarding technologies, products, and solutions to fulfill requirements within CACU.

- Solid understanding of system development life cycle (SDLC) and provide security recommendations and oversight.

- Azure Cloud security experience (Preferred 2 years).

- Minimum 3 to 4 years of experience in cloud security

- Hands on experience securing public cloud workloads in a hybrid, corporate environment.

- Security, risk, and compliance experience with Cloud Platforms.

- Knowledge of security controls, configuration management, and vulnerability management in public cloud.

- Solid understanding of firewalls, WAFs, Web Gateways, and IPS

- Excellent problem-solving and analytical skills with the ability to quickly isolate problems, collect data, establish facts, and draw valid conclusions.

- Practical understanding with Agile, ITIL, monitoring, and metrics

Skill Set Required - Must Have :

- Configure, deploy, and manage enterprise security tools including such as log management (SIEM), antivirus, intrusion prevention, data leak prevention, and application scanning and remediation

- Researches, analyzes, and formulates recommendations regarding technologies, products, and solutions to fulfill requirements within CACU.

- Solid understanding of system development life cycle (SDLC) and provide security recommendations and oversight

- Azure Cloud security experience (Preferred 2 years).

- Azure Cloud Admin/Developer - (Preferred 2 years)

- Application Security

- Network Security technology

- Mathematical/statistic mindset