Cloud Security Engineer – India – 8 to 9 Years Experience

Job Description

As a Cloud Security Engineer, you will be responsible for designing, implementing, and maintaining security controls and processes for our Azure and AWS cloud environments. You will play a key role in ensuring the security, integrity, and availability of our cloud infrastructure and services, as well as compliance with SOC 1, SOC 2, and SOC 3 standards. Additionally, you will be involved in the configuration and management of Security Information and Event Management (SIEM) systems to detect and respond to security incidents effectively.

Responsibilities:

• Design and implement security controls, policies, and procedures for Azure and AWS cloud environments to protect against threats and vulnerabilities.
• Conduct security assessments and reviews of cloud architectures, configurations, and deployments to identify and address security risks.
• Ensure compliance with SOC 1, SOC 2, and SOC 3 standards by implementing appropriate controls, monitoring mechanisms, and audit procedures.
• Coordinate and participate in SOC audits, including gathering evidence, responding to inquiries, and addressing findings.
• Configure and manage SIEM systems to collect, correlate, and analyze security event data from cloud environments, network devices, and applications.
• Monitor security alerts and incidents generated by SIEM and other security tools, investigate potential security breaches, and coordinate incident response activities.
• Implement IAM solutions in Azure and AWS to manage user identities, roles, permissions, and access controls effectively.
• Enforce least privilege principles and implement multi-factor authentication (MFA) where appropriate to enhance security posture.
• Implement encryption mechanisms to protect data at rest and in transit within Azure and AWS cloud environments.
• Ensure compliance with data privacy regulations and industry standards by implementing appropriate data protection measures.
• Develop scripts, templates, and automation workflows to streamline security operations tasks such as provisioning, monitoring, and incident response in cloud environments.
• Collaborate with cross-functional teams, including cloud architects, developers, and operations teams, to integrate security controls seamlessly into cloud solutions.
• Communicate security risks, best practices, and recommendations to technical and non-technical stakeholders effectively.