Exotel - Lead Cloud Security Engineer IV (7-11 yrs)

Exotel Global
Posted on
Exotel Global logo

Experience
7 - 11 yrs
Job Location
Bengaluru, India
Vacancy
1
Designation
Cloud Security Engineer
Job Type
ONSITE

Job Description

Description :


As our Cloud Security Engineer IV / Lead, you will be responsible for the security assessment of infrastructure/cloud. Implementing and managing security controls for cloud services, which includes Secure configuration management for all Cloud native services and setting up processes and guidelines. The goal is to build Seamless Security.


We want you to redefine how developers view security, eliminating friction and improving Security natively. You will work closely with other Security functions, DevOps, Architects and Developers, and QA to build highly reliable and secure products on the cloud.


Responsibilities :


- Understand the Multi-Cloud( AWS, Azure, etc. ) identity management ecosystem holistically and create a secure infrastructure. Enforce compliance with IAM principles, including least privilege access, password management, Audit logging, RBAC, user account lifecycle, certificate management, and system authentication solutions (SSO/Federation). Minimum of 3 years of experience with AWS and/or Azure.


- Prepare reference architectures for Developer adoption- Secure Cloud Architecture.


- Devise and implement Serverless, Container, and Kubernetes Security Strategies in the company.


- Deploy CNAPP (Cloud-Native Application Protection Platform)-CSPM, CWPP solutions at a large scale.


- Lead Remediation for findings from CSPM (Cloud Security Posture Management); work with developers on targeted remediation based on prioritization


- Experience working with Infrastructure-as-Code (IaC) to secure-by-design solutions to mitigate/fix cloud security issues (Terraform, CloudFormation, etc. )


- Build Tools to assist Engineering teams with the remediation of issues at scale across the Cloud.


- Building security tooling to aid with the protection of data stored in the cloud and compliant with relevant regulations- Enforcement of Cloud Data Protection Guidelines from the Risk team.


- Improve Web App Firewalls (WAF); prior experience with WAF rule fine-tuning a plus. Ensure early Identification of intrusions and attacks and implement countermeasures.


- Experience with solutions around DDoS and identifying Anti-bot patterns for critical flows.


- Partner with the SOC team for Security Incident Management and Remediation triage with Engineering across the ecosystem.


Requirements :


- Overall 7+ years of relevant experience.


- Bachelor's degree in Computer Science or a related technical discipline, or equivalent practical experience.


- Solid understanding of MultiCloud, including but not limited to Amazon Web Services (AWS), including VPC, ELB, IAM, KMS, EC2 S3 CloudTrail, CloudFormation, CloudWatch, Cloud HSM, AWS Encryption SDK, RDS, ELB, AWS Route 53 CloudFront, SNS and similar stacks from Azure.


- Experience with enforcement of Security Best practices via Cloud Formation/Terraform IaC.


- Understanding of security frameworks and standards like OWASP and NIST; Solid understanding of security protocols, cryptography, authentication, and authorization.


- Good understanding of Linux and Windows OS, TCP/IP protocol stack and networking fundamentals, and security principles at all layers of the OSI stack.


- Experience with API security, AWS/Azure cloud security, container security, network security, cryptography, PKI, and certificate management.


- Experience in CI/CD Tools Including Git, Jenkins, Ansible, or similar.


- Experience in designing cloud-native security architectures and applying defense-in-depth strategies.


- Advanced Expertise in at least one language, Shell scripting/Python/Go/NodeJS, and AWS CLI.


- Expert knowledge of container security (Docker/Kubernetes), Container security tools such as Twistlock and Aqua Security, etc.


- Experience with third-party/open-source cloud security tools.


- Experience with tooling and systems for a build, infrastructure automation, and monitoring.

No Referrers Available

There are currently no referrers available for this job. You can still apply, will let you know once there is any referrer available.